Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* TODO: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394(* TODO: note these need manual introduction rules *)
395AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
396  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
397     (metis "&E" "&I" "raa-cor:3" "→I" MP)
398AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
399  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
400     (metis "&E" "&I" "raa-cor:3" "→I" MP)
401AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
402  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
403     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
404
405AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
406  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
407     (meson "&I" "&E" "→I")
408lemmas "Commutativity of &" = "oth-class-taut:2:a"
409AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
410  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
411     (metis "&I" "&E" "→I")
412lemmas "Associativity of &" = "oth-class-taut:2:b"
413AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
414  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
415     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
416lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
417AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
418  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
419     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
420lemmas "Associativity of ∨" = "oth-class-taut:2:d"
421AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
422  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
423      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
424            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
425lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
426AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
427  using "conventions:3"[THEN "df-rules-formulas[4]"]
428        "conventions:3"[THEN "df-rules-formulas[3]"]
429        "→I" "→E" "&E" "&I"
430  by metis
431lemmas "Associativity of ≡" = "oth-class-taut:2:f"
432
433AOT_theorem "oth-class-taut:3:a": φ  φ
434  using "&I" "vdash-properties:6" "if-p-then-p"
435        "df-rules-formulas[4]" "conventions:3" by blast
436AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
437  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
438        "df-rules-formulas[4]" "conventions:3" by blast
439AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
440  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
441
442AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
443  by (metis "→E" "→I")
444AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
445  using "conventions:3"[THEN "df-rules-formulas[4]"]
446        "conventions:3"[THEN "df-rules-formulas[3]"]
447        "→I" "→E" "&E" "&I" RAA by metis
448AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
449  using "conventions:3"[THEN "df-rules-formulas[4]"]
450        "conventions:3"[THEN "df-rules-formulas[3]"]
451        "→I" "→E" "&E" "&I" by metis
452AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
453  using "conventions:3"[THEN "df-rules-formulas[4]"]
454        "conventions:3"[THEN "df-rules-formulas[3]"]
455        "→I" "→E" "&E" "&I" by metis
456AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
457  using "conventions:3"[THEN "df-rules-formulas[4]"]
458        "conventions:3"[THEN "df-rules-formulas[3]"]
459        "→I" "→E" "&E" "&I" by metis
460AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
461  using "conventions:3"[THEN "df-rules-formulas[4]"]
462        "conventions:3"[THEN "df-rules-formulas[3]"]
463        "→I" "→E" "&E" "&I" by metis
464AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
465proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
466                   "&I" "→I"
467           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
468  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
469    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
470next
471  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
472    using that "∨E" "&E" "raa-cor:3" by blast
473next
474  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
475    using that "∨E" "&E" "raa-cor:3" by blast
476qed
477AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
478proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
479                    "&I" "→I")
480  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
481    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
482              "raa-cor:3" "conventions:3")
483next
484  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
485    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
486              "raa-cor:3" "conventions:3")
487qed
488AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
489  using "conventions:3"[THEN "df-rules-formulas[4]"]
490        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
491AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
492  using "conventions:3"[THEN "df-rules-formulas[4]"]
493        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
494AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
495  using "conventions:3"[THEN "df-rules-formulas[4]"]
496        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
497AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
498  using "conventions:3"[THEN "df-rules-formulas[4]"]
499        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
500
501lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
502
503AOT_theorem "oth-class-taut:6:a":
504  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
505  using "conventions:3"[THEN "df-rules-formulas[4]"]
506        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
507AOT_theorem "oth-class-taut:6:b":
508  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
509  using "conventions:3"[THEN "df-rules-formulas[4]"]
510        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
511
512AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
513  by (metis "&I" "→E" "→I")
514lemmas Exportation = "oth-class-taut:7:a"
515AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
516  by (metis "&E" "→E" "→I")
517lemmas Importation = "oth-class-taut:7:b"
518
519AOT_theorem "oth-class-taut:8:a":
520  (φ  (ψ  χ))  (ψ  (φ  χ))
521  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
522  by metis
523lemmas Permutation = "oth-class-taut:8:a"
524AOT_theorem "oth-class-taut:8:b":
525  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
526  by (metis "&I" "→E" "→I")
527lemmas Composition = "oth-class-taut:8:b"
528AOT_theorem "oth-class-taut:8:c":
529  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
530  by (metis "∨E"(2) "→E" "→I" RAA(1))
531AOT_theorem "oth-class-taut:8:d":
532  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
533  by (metis "&E" "&I" "→E" "→I")
534lemmas "Double Composition" = "oth-class-taut:8:d"
535AOT_theorem "oth-class-taut:8:e":
536  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
537  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
538            "conventions:3"[THEN "df-rules-formulas[3]"]
539            "→I" "→E" "&E" "&I")
540AOT_theorem "oth-class-taut:8:f":
541  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
542  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
543            "conventions:3"[THEN "df-rules-formulas[3]"]
544            "→I" "→E" "&E" "&I")
545AOT_theorem "oth-class-taut:8:g":
546  (ψ  χ)  ((φ  ψ)  (φ  χ))
547  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
548            "conventions:3"[THEN "df-rules-formulas[3]"]
549            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
550AOT_theorem "oth-class-taut:8:h":
551  (ψ  χ)  ((ψ  φ)  (χ  φ))
552  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
553            "conventions:3"[THEN "df-rules-formulas[3]"]
554            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
555AOT_theorem "oth-class-taut:8:i":
556  (φ  (ψ & χ))  (ψ  (φ  χ))
557  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
558            "conventions:3"[THEN "df-rules-formulas[3]"]
559            "→I" "→E" "&E" "&I")
560
561AOT_theorem "intro-elim:1":
562  assumes φ  ψ and φ  χ and ψ  Θ
563  shows χ  Θ
564  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
565            "conventions:3"[THEN "df-rules-formulas[3]"])
566
567AOT_theorem "intro-elim:2":
568  assumes φ  ψ and ψ  φ
569  shows φ  ψ
570  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
571lemmas "≡I" = "intro-elim:2"
572
573AOT_theorem "intro-elim:3:a":
574  assumes φ  ψ and φ
575  shows ψ
576  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
577AOT_theorem "intro-elim:3:b":
578  assumes φ  ψ and ψ
579  shows φ
580  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
581AOT_theorem "intro-elim:3:c":
582  assumes φ  ψ and ¬φ
583  shows ¬ψ
584  using "intro-elim:3:b" "raa-cor:3" assms by blast
585AOT_theorem "intro-elim:3:d":
586  assumes φ  ψ and ¬ψ
587  shows ¬φ
588  using "intro-elim:3:a" "raa-cor:3" assms by blast
589AOT_theorem "intro-elim:3:e":
590  assumes φ  ψ and ψ  χ
591  shows φ  χ
592  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
593declare "intro-elim:3:e"[trans]
594AOT_theorem "intro-elim:3:f":
595  assumes φ  ψ and φ  χ
596  shows χ  ψ
597  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
598lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
599              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
600
601declare "Commutativity of ≡"[THEN "≡E"(1), sym]
602
603AOT_theorem "rule-eq-df:1":
604  assumes φ df ψ
605  shows φ  ψ
606  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
607lemmas "≡Df" = "rule-eq-df:1"
608AOT_theorem "rule-eq-df:2":
609  assumes φ df ψ and φ
610  shows ψ
611  using "≡Df" "≡E"(1) assms by blast
612lemmas "≡dfE" = "rule-eq-df:2"
613AOT_theorem "rule-eq-df:3":
614  assumes φ df ψ and ψ
615  shows φ
616  using "≡Df" "≡E"(2) assms by blast
617lemmas "≡dfI" = "rule-eq-df:3"
618
619AOT_theorem  "df-simplify:1":
620  assumes φ  (ψ & χ) and ψ
621  shows φ  χ
622  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
623(* TODO: this is a slight variation from PLM *)
624AOT_theorem  "df-simplify:2":
625  assumes φ  (ψ & χ) and χ
626  shows φ  ψ
627  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
628lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
629
630subsection‹The Theory of Quantification›
631text‹\label{PLM: 9.6}›
632
633AOT_theorem "rule-ui:1":
634  assumes α φ{α} and τ
635  shows φ{τ}
636  using "→E" "cqt:1"[axiom_inst] assms by blast
637AOT_theorem "rule-ui:2[const_var]":
638  assumes α φ{α}
639  shows φ{β}
640  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
641(* TODO: precise proviso in PLM *)
642AOT_theorem "rule-ui:2[lambda]":
643  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
644  shows φ{ν1...νn ψ{ν1...νn}]}
645  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
646AOT_theorem "rule-ui:3":
647  assumes α φ{α}
648  shows φ{α}
649  by (simp add: "rule-ui:2[const_var]" assms)
650lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
651              "rule-ui:2[lambda]" "rule-ui:3"
652
653AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
654  by (simp add: "∀E"(2) "→I")
655AOT_theorem "cqt-orig:1[lambda]":
656  assumes INSTANCE_OF_CQT_2(ψ)
657  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
658  by (simp add: "∀E"(3) "→I" assms)
659AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
660  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
661AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
662  using "cqt-orig:1[const_var]".
663
664(* TODO: work out difference to GEN *)
665AOT_theorem universal:
666  assumes for arbitrary β: φ{β}
667  shows α φ{α}
668  using GEN assms .
669lemmas "∀I" = universal
670
671(* Generalized mechanism for "∀I" followed by ∀E *)
672ML673fun get_instantiated_allI ctxt varname thm = let
674val trm = Thm.concl_of thm
675val trm =
676  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
677  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
678fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
679    (* TODO: care about the index? *)
680    (if fst (fst v) = fst varname then [Var v] else [])
681  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
682  | extractVars (Abs (_, _, t)) = extractVars t
683  | extractVars _ = []
684val vars = extractVars trm
685val vars = fold Term.add_vars vars []
686val var = hd vars
687val trmty =
688  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
689  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
690val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
691      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
692       $ Var var, trm))
693val trm = Thm.cterm_of (Context.proof_of ctxt) trm
694val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
695val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
696fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
697val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
698fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
699val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
700val allthm = Drule.instantiate_normalize (TVars_make [(ty, typ)],Vars_empty) @{thm "∀I"}
701val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
702val allthm = Drule.instantiate_normalize (TVars_empty, Vars_make [(phi,trm)]) allthm
703in
704allthm
705end
706
707
708attribute_setup "∀I" =
709  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
710  (fn ctxt => fn thm => fold (fn arg => fn thm =>
711    thm RS get_instantiated_allI ctxt arg thm) args thm))
712  "Quantify over a variable in a theorem using GEN."
713
714attribute_setup "unvarify" =
715  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
716  (fn ctxt => fn thm =>
717    let
718      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
719      val thm = fold get_inst_allI args thm
720      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
721    in
722     thm
723    end))
724  "Generalize a statement about variables to a statement about denoting terms."
725
726(* TODO: rereplace-lem does not apply to the embedding *)
727
728AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
729  by (metis "≡I" "∀E"(2) "∀I" "→I")
730
731AOT_theorem "cqt-basic:2":
732  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
733proof (rule "≡I"; rule "→I")
734  AOT_assume α(φ{α}  ψ{α})
735  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
736  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
737    using "≡E"(1,2) "→I" by blast+
738  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
739    by (auto intro: "&I" "∀I")
740next
741  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
742  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
743    using "∀E"(2) "&E" by blast+
744  AOT_hence φ{α}  ψ{α} for α
745    using "≡I" by blast
746  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
747qed
748
749AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
750proof(rule "→I")
751  AOT_assume α(φ{α}  ψ{α})
752  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
753  {
754    AOT_assume α φ{α}
755    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
756  }
757  moreover {
758    AOT_assume α ψ{α}
759    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
760  }
761  ultimately AOT_show α φ{α}  α ψ{α}
762    using "≡I" "→I" by auto
763qed
764
765AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
766proof(rule "→I")
767  AOT_assume 0: α(φ{α} & ψ{α})
768  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
769  AOT_thus α φ{α} & α ψ{α}
770    by (auto intro: "∀I" "&I")
771qed
772
773AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
774  using "cqt-orig:3" by blast
775
776AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
777  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
778
779AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
780  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
781
782AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
783  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
784
785AOT_theorem "cqt-basic:9":
786  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
787proof -
788  {
789    AOT_assume α (φ{α}  ψ{α})
790    moreover AOT_assume α (ψ{α}  χ{α})
791    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
792      using "∀E" by blast+
793    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
794    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
795  }
796  thus ?thesis using "&I" "→I" "&E" by meson
797qed
798
799AOT_theorem "cqt-basic:10":
800  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
801proof(rule "→I"; rule "∀I")
802  fix β
803  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
804  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
805  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
806qed
807
808AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
809proof (rule "≡I"; rule "→I")
810  AOT_assume 0: α(φ{α}  ψ{α})
811  {
812    fix α
813    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
814    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
815  }
816  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
817next
818  AOT_assume 0: α(ψ{α}  φ{α})
819  {
820    fix α
821    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
822    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
823  }
824  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
825qed
826
827AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
828  by (simp add: "∀E"(2) "→I" GEN)
829
830AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
831  using "≡I" "→I" by blast
832
833AOT_theorem "cqt-basic:14":
834  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
835   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
836  using "cqt:3"[axiom_inst] by auto
837
838AOT_theorem "cqt-basic:15":
839  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
840  using "cqt-orig:2" by auto
841
842(* TODO: indistinguishable from GEN in the embedding *)
843AOT_theorem "universal-cor":
844  assumes for arbitrary β: φ{β}
845  shows α φ{α}
846  using GEN assms .
847
848AOT_theorem "existential:1":
849  assumes φ{τ} and τ
850  shows α φ{α}
851proof(rule "raa-cor:1")
852  AOT_assume ¬α φ{α}
853  AOT_hence α ¬φ{α}
854    using "≡dfI" "conventions:4" RAA "&I" by blast
855  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
856  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
857qed
858
859AOT_theorem "existential:2[const_var]":
860  assumes φ{β}
861  shows α φ{α}
862  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
863
864AOT_theorem "existential:2[lambda]":
865  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
866  shows α φ{α}
867  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
868lemmas "∃I" = "existential:1" "existential:2[const_var]"
869              "existential:2[lambda]" 
870
871AOT_theorem "instantiation":
872  assumes for arbitrary β: φ{β}  ψ and α φ{α}
873  shows ψ
874  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
875lemmas "∃E" = "instantiation"
876
877AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
878  using "∀E"(4) "∃I"(2) "→I" by metis
879
880AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
881  using "∀I" "∃I"(2) "→I" RAA by metis
882
883AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
884  using "∀E"(4) "∃E" "→I" RAA
885  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
886
887AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
888  using "∀I" "∃I"(2)"→I" RAA by metis
889
890AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
891  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
892
893AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
894  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
895
896(* NOTE: vacuous in the embedding *)
897AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
898  by (simp add: "oth-class-taut:3:a")
899
900AOT_theorem "cqt-further:8":
901  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
903
904AOT_theorem "cqt-further:9":
905  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
906  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
907
908AOT_theorem "cqt-further:10":
909  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
910proof(rule "→I"; rule "raa-cor:2")
911  AOT_assume 0: α φ{α} & ¬α ψ{α}
912  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
913  moreover AOT_assume α (φ{α}  ψ{α})
914  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
915  AOT_hence α ψ{α} using "∃I" by blast
916  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
917qed
918
919AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
920  using "≡I" "→I" "∃I"(2) "∃E" by metis
921
922subsection‹Logical Existence, Identity, and Truth›
923text‹\label{PLM: 9.7}›
924
925AOT_theorem "log-prop-prop:1":  φ]
926  using "cqt:2[lambda0]"[axiom_inst] by auto
927
928AOT_theorem "log-prop-prop:2": φ
929  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
930
931AOT_theorem "exist-nec": τ  τ
932proof -
933  AOT_have β β
934    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
935  AOT_thus τ  τ
936    using "cqt:1"[axiom_inst] "→E" by blast
937qed
938
939(* TODO: replace this mechanism by a "proof by types" command *)
940class AOT_Term_id = AOT_Term +
941  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
942      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
943
944instance κ :: AOT_Term_id
945proof
946  AOT_modally_strict {
947    AOT_show κ = κ'  κ for κ κ'
948    proof(rule "→I")
949      AOT_assume κ = κ'
950      AOT_hence O!κ  A!κ
951        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
952           (meson "→I" "∨I"(1) "&E"(1))+
953      AOT_thus κ
954        by (rule "∨E"(1))
955           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
956    qed
957  }
958next
959  AOT_modally_strict {
960    AOT_show κ = κ'  κ' for κ κ'
961    proof(rule "→I")
962      AOT_assume κ = κ'
963      AOT_hence O!κ'  A!κ'
964        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
965           (meson "→I" "∨I" "&E")+
966      AOT_thus κ'
967        by (rule "∨E"(1))
968           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
969    qed
970  }
971qed
972
973instance rel :: (AOT_κs) AOT_Term_id
974proof
975  AOT_modally_strict {
976    AOT_show Π = Π'  Π for Π Π' :: <'a>
977    proof(rule "→I")
978      AOT_assume Π = Π'
979      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
980    qed
981  }
982next
983  AOT_modally_strict {
984    AOT_show Π = Π'  Π' for Π Π' :: <'a>
985    proof(rule "→I")
986      AOT_assume Π = Π'
987      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
988    qed
989  }
990qed
991
992instance 𝗈 :: AOT_Term_id
993proof
994  AOT_modally_strict {
995    fix φ ψ
996    AOT_show φ = ψ  φ
997    proof(rule "→I")
998      AOT_assume φ = ψ
999      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1000    qed
1001  }
1002next
1003  AOT_modally_strict {
1004    fix φ ψ
1005    AOT_show φ = ψ  ψ
1006    proof(rule "→I")
1007      AOT_assume φ = ψ
1008      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1009    qed
1010  }
1011qed
1012
1013instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1014proof
1015  AOT_modally_strict {
1016    fix τ τ' :: 'a×'b
1017    AOT_show τ = τ'  τ
1018    proof (induct τ; induct τ'; rule "→I")
1019      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1020      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1021      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1022      AOT_hence τ1 and τ2
1023        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1024      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1025    qed
1026  }
1027next
1028  AOT_modally_strict {
1029    fix τ τ' :: 'a×'b
1030    AOT_show τ = τ'  τ'
1031    proof (induct τ; induct τ'; rule "→I")
1032      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1033      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1034      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1035      AOT_hence τ1' and τ2'
1036        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1037      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1038    qed
1039  }
1040qed
1041
1042(* This is the end of the "proof by types" and
1043   makes the results available on new theorems *)
1044AOT_register_type_constraints
1045  Term: _::AOT_Term_id› _::AOT_Term_id›
1046AOT_register_type_constraints
1047  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1048AOT_register_type_constraints
1049  Relation: <_::{AOT_κs, AOT_Term_id}>
1050
1051AOT_theorem "id-rel-nec-equiv:1":
1052  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1053proof(rule "→I")
1054  AOT_assume assumption: Π = Π'
1055  AOT_hence Π and Π'
1056    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1057  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1058                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1059    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1060  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1061                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1062    using "∀E"(1) by blast
1063  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1064             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using assumption "→E" by blast
1066  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1067    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1068  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1069    using "→E" by blast
1070qed
1071
1072AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1073proof(rule "→I")
1074  AOT_assume assumption: φ = ψ
1075  AOT_hence φ and ψ
1076    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1077  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1078    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1079  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1080    using "∀E"(1) by blast
1081  AOT_hence (φ  φ)  (φ  ψ)
1082    using assumption "→E" by blast
1083  moreover AOT_have (φ  φ)
1084    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1085  ultimately AOT_show (φ  ψ)
1086    using "→E" by blast
1087qed
1088
1089AOT_theorem "rule=E":
1090  assumes φ{τ} and τ = σ
1091  shows φ{σ}
1092proof -
1093  AOT_have τ and σ
1094    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1095  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1096    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1097  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1098    using "∀E"(1) by blast
1099  AOT_thus φ{σ} using assms "→E" by blast
1100qed
1101
1102AOT_theorem "propositions-lemma:1":  φ] = φ
1103proof -
1104  AOT_have φ by (simp add: "log-prop-prop:2")
1105  moreover AOT_have p  p] = p
1106    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1107  ultimately AOT_show  φ] = φ
1108    using "∀E" by blast
1109qed
1110
1111AOT_theorem "propositions-lemma:2":  φ]  φ
1112proof -
1113  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1114  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1115qed
1116
1117(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1118
1119AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1120  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1121
1122(* dr-alphabetic-rules does not apply *)
1123
1124AOT_theorem "oa-exist:1": O!
1125proof -
1126  AOT_have x [E!]x] by "cqt:2[lambda]"
1127  AOT_hence 1: O! = x [E!]x]
1128    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1129  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1130qed
1131
1132AOT_theorem "oa-exist:2": A!
1133proof -
1134  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1135  AOT_hence 1: A! = x ¬[E!]x]
1136    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1137  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1138qed
1139
1140AOT_theorem "oa-exist:3": O!x  A!x
1141proof(rule "raa-cor:1")
1142  AOT_assume ¬(O!x  A!x)
1143  AOT_hence A: ¬O!x and B: ¬A!x
1144    using "Disjunction Addition"(1) "modus-tollens:1"
1145          "∨I"(2) "raa-cor:5" by blast+
1146  AOT_have C: O! = x [E!]x]
1147    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1148  AOT_have D: A! = x ¬[E!]x]
1149    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1150  AOT_have E: ¬x [E!]x]x
1151    using A C "rule=E" by fast
1152  AOT_have F: ¬x ¬[E!]x]x
1153    using B D "rule=E" by fast
1154  AOT_have G: x [E!]x]x  [E!]x
1155    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1156  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1157    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1158  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1159qed
1160
1161AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1162proof -
1163  AOT_have F = G  F & G & x(x[F]  x[G])
1164    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1165          "→E" "&E" "≡I" "→I" by blast
1166  moreover AOT_have F and G
1167    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1168  ultimately AOT_show F = G  x(x[F]  x[G])
1169    using "≡S"(1) "&I" by blast
1170qed
1171
1172AOT_theorem "p-identity-thm2:2[2]":
1173  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1174proof -
1175  AOT_have F = G  F & G &
1176              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1177    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1178          "→E" "&E" "≡I" "→I" by blast
1179  moreover AOT_have F and G
1180    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1181  ultimately show ?thesis
1182    using "≡S"(1) "&I" by blast
1183qed
1184    
1185AOT_theorem "p-identity-thm2:2[3]":
1186  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                  x [F]y1xy2] = x [G]y1xy2] &
1188                  x [F]y1y2x] = x [G]y1y2x])
1189proof -
1190  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1191                                     x [F]y1xy2] = x [G]y1xy2] &
1192                                     x [F]y1y2x] = x [G]y1y2x])
1193    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1194          "→E" "&E" "≡I" "→I" by blast
1195  moreover AOT_have F and G
1196    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1197  ultimately show ?thesis
1198    using "≡S"(1) "&I" by blast
1199qed
1200
1201AOT_theorem "p-identity-thm2:2[4]":
1202  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1203                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1204                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1205                     x [F]y1y2y3x] = x [G]y1y2y3x])
1206proof -
1207  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1208                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1209                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1210                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1211    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1212          "→E" "&E" "≡I" "→I" by blast
1213  moreover AOT_have F and G
1214    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1215  ultimately show ?thesis
1216    using "≡S"(1) "&I" by blast
1217qed
1218
1219AOT_theorem "p-identity-thm2:2":
1220  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1221proof -
1222  AOT_have F = G  F & G &
1223              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1224    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1225          "→E" "&E" "≡I" "→I" by blast
1226  moreover AOT_have F and G
1227    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1228  ultimately show ?thesis
1229    using "≡S"(1) "&I" by blast
1230qed
1231
1232AOT_theorem "p-identity-thm2:3":
1233  p = q  x p] = x q]
1234proof -
1235  AOT_have p = q  p & q & x p] = x q]
1236    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1237          "→E" "&E" "≡I" "→I" by blast
1238  moreover AOT_have p and q
1239    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1240  ultimately show ?thesis
1241    using "≡S"(1) "&I" by blast
1242qed
1243
1244class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1245
1246instance κ :: AOT_Term_id_2
1247proof
1248  AOT_modally_strict {
1249    fix x
1250    {
1251      AOT_assume O!x
1252      moreover AOT_have F([F]x  [F]x)
1253        using RN GEN "oth-class-taut:3:a" by fast
1254      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1255    }
1256    moreover {
1257      AOT_assume A!x
1258      moreover AOT_have F(x[F]  x[F])
1259        using RN GEN "oth-class-taut:3:a" by fast
1260      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1261    }
1262    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1263                         (A!x & A!x & F(x[F]  x[F]))
1264      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1265    AOT_thus x = x
1266      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1267  }
1268qed
1269
1270instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1271proof
1272  AOT_modally_strict {
1273    fix F :: "<'a> AOT_var"
1274    AOT_have 0: x1...xn [F]x1...xn] = F
1275      by (simp add: "lambda-predicates:3"[axiom_inst])
1276    AOT_have x1...xn [F]x1...xn]
1277      by "cqt:2[lambda]"
1278    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1279      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1280    AOT_show F = F using "rule=E" 0 by force 
1281  }
1282qed
1283
1284instance 𝗈 :: AOT_Term_id_2
1285proof
1286  AOT_modally_strict {
1287    fix p
1288    AOT_have 0:  p] = p
1289      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1290    AOT_have  p]
1291      by (rule "cqt:2[lambda0]"[axiom_inst])
1292    AOT_hence  p] =  p]
1293      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1294    AOT_show p = p using "rule=E" 0 by force
1295  }
1296qed
1297
1298instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1299proof
1300  AOT_modally_strict {
1301    fix α :: ('a×'b) AOT_var›
1302    AOT_show α = α
1303    proof (induct)
1304      AOT_show τ = τ if τ for τ :: 'a×'b
1305        using that
1306      proof (induct τ)
1307        fix τ1 :: 'a and τ2 :: 'b
1308        AOT_assume «(τ1,τ2)»
1309        AOT_hence τ1 and τ2
1310          using "≡dfE" "&E" tuple_denotes by blast+
1311        AOT_hence τ1 = τ1 and τ2 = τ2
1312          using "id-eq:1"[unvarify α] by blast+
1313        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1314          by (metis "≡dfI" "&I" tuple_identity_1)
1315      qed
1316    qed
1317  }
1318qed
1319
1320AOT_register_type_constraints
1321  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1322AOT_register_type_constraints
1323  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1324AOT_register_type_constraints
1325  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1326
1327(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1328AOT_theorem "id-eq:2": α = β  β = α
1329  by (meson "rule=E" "deduction-theorem")
1330
1331AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1332  using "rule=E" "→I" "&E" by blast
1333
1334AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1335proof (rule "≡I"; rule "→I")
1336  AOT_assume 0: α = β
1337  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1338  AOT_show γ (α = γ  β = γ)
1339    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1340next
1341  AOT_assume γ (α = γ  β = γ)
1342  AOT_hence α = α  β = α using "∀E"(2) by blast
1343  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1344  AOT_hence β = α using "id-eq:1" "→E" by blast
1345  AOT_thus α = β using "id-eq:2" "→E" by blast
1346qed
1347
1348AOT_theorem "rule=I:1":
1349  assumes τ
1350  shows τ = τ
1351proof -
1352  AOT_have α (α = α)
1353    by (rule GEN) (metis "id-eq:1")
1354  AOT_thus τ = τ using assms "∀E" by blast
1355qed
1356
1357AOT_theorem "rule=I:2[const_var]": "α = α"
1358  using "id-eq:1".
1359
1360AOT_theorem "rule=I:2[lambda]":
1361  assumes INSTANCE_OF_CQT_2(φ)
1362  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1363proof -
1364  AOT_have α (α = α)
1365    by (rule GEN) (metis "id-eq:1")
1366  moreover AOT_have ν1...νn φ{ν1...νn}]
1367    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1368  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1369    using assms "∀E" by blast
1370qed
1371
1372lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1373
1374AOT_theorem "rule-id-df:1":
1375  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1376  shows τ{τ1...τn} = σ{τ1...τn}
1377proof -
1378  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1379    using "df-rules-terms[3]" assms(1) "&E" by blast
1380  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1381    using assms(2) "→E" by blast
1382qed
1383
1384AOT_theorem "rule-id-df:1[zero]":
1385  assumes τ =df σ and σ
1386  shows τ = σ
1387proof -
1388  AOT_have σ  τ = σ
1389    using "df-rules-terms[4]" assms(1) "&E" by blast
1390  AOT_thus τ = σ
1391    using assms(2) "→E" by blast
1392qed
1393
1394AOT_theorem "rule-id-df:2:a":
1395  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1396  shows φ{σ{τ1...τn}}
1397proof -
1398  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1399  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1400qed
1401
1402(* TODO: get rid of this, ideally *)
1403AOT_theorem "rule-id-df:2:a[2]":
1404  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1405      and σ{«(τ1,τ2)»}
1406      and φ{τ{«(τ1,τ2)»}}
1407  shows φ{σ{«(τ1,τ2)»}}
1408proof -
1409  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1410  proof -
1411    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1412      (* NOTE: semantics needed *)
1413      using assms
1414      by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not
1415                    AOT_sem_denotes AOT_model_id_def)
1416    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1417      using assms(2) "→E" by blast
1418  qed
1419  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1420qed
1421
1422AOT_theorem "rule-id-df:2:a[zero]":
1423  assumes τ =df σ and σ and φ{τ}
1424  shows φ{σ}
1425proof -
1426  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1427  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1428qed
1429
1430lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1431
1432AOT_theorem "rule-id-df:2:b":
1433  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1434  shows φ{τ{τ1...τn}}
1435proof -
1436  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1437  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1438    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1439  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1440qed
1441
1442(* TODO: get rid of this, ideally *)
1443AOT_theorem "rule-id-df:2:b[2]":
1444  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1445      and σ{«(τ1,τ2)»}
1446      and φ{σ{«(τ1,τ2)»}}
1447  shows φ{τ{«(τ1,τ2)»}}
1448proof -
1449  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1450  proof -
1451    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1452      (* NOTE: semantics needed *)
1453      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq
1454                                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
1455    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1456      using assms(2) "→E" by blast
1457  qed
1458  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1459    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1460  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1461qed
1462
1463AOT_theorem "rule-id-df:2:b[zero]":
1464  assumes τ =df σ and σ and φ{σ}
1465  shows φ{τ}
1466proof -
1467  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1468  AOT_hence σ = τ
1469    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1470  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1471qed
1472
1473lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1474
1475AOT_theorem "free-thms:1": τ  β (β = τ)
1476  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1477
1478AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1479  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1480
1481AOT_theorem "free-thms:3[const_var]": β (β = α)
1482  by (meson "∃I"(2) "id-eq:1")
1483
1484AOT_theorem "free-thms:3[lambda]":
1485  assumes INSTANCE_OF_CQT_2(φ)
1486  shows β (β = ν1...νn φ{ν1...νn}])
1487  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1488
1489AOT_theorem "free-thms:4[rel]":
1490  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1491  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1492            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1493
1494AOT_theorem "free-thms:4[vars]":
1495  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1496  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1497            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1498
1499AOT_theorem "free-thms:4[1,rel]":
1500  ([Π]κ  κ[Π])  β (β = Π)
1501  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1502            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1503AOT_theorem "free-thms:4[1,1]":
1504  ([Π]κ  κ[Π])  β (β = κ)
1505  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1506            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1507
1508AOT_theorem "free-thms:4[2,rel]":
1509  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1510  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1511            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1512AOT_theorem "free-thms:4[2,1]":
1513  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1514  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1515            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1516AOT_theorem "free-thms:4[2,2]":
1517  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1518  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1519            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1520AOT_theorem "free-thms:4[3,rel]":
1521  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1522  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1523            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1524AOT_theorem "free-thms:4[3,1]":
1525  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1526  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1527            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1528AOT_theorem "free-thms:4[3,2]":
1529  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1530  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1531            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1532AOT_theorem "free-thms:4[3,3]":
1533  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1534  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1535            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1536AOT_theorem "free-thms:4[4,rel]":
1537  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1538  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1539            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1540AOT_theorem "free-thms:4[4,1]":
1541  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1542  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1543            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1544AOT_theorem "free-thms:4[4,2]":
1545  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1546  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1547            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1548AOT_theorem "free-thms:4[4,3]":
1549  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1550  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1551            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1552AOT_theorem "free-thms:4[4,4]":
1553  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1554  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1555            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1556
1557AOT_theorem "ex:1:a": α α
1558  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1559AOT_theorem "ex:1:b": αβ(β = α)
1560  by (rule GEN) (fact "free-thms:3[const_var]")
1561
1562AOT_theorem "ex:2:a": α
1563  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1564AOT_theorem "ex:2:b": β(β = α)
1565  by (rule RN) (fact "free-thms:3[const_var]")
1566
1567AOT_theorem "ex:3:a": α α
1568  by (rule RN) (fact "ex:1:a")
1569AOT_theorem "ex:3:b": αβ(β = α)
1570  by (rule RN) (fact "ex:1:b")
1571
1572AOT_theorem "ex:4:a": α α
1573  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1574AOT_theorem "ex:4:b": αβ(β = α)
1575  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1576
1577AOT_theorem "ex:5:a": α α
1578  by (rule RN) (simp add: "ex:4:a")
1579AOT_theorem "ex:5:b": αβ(β = α)
1580  by (rule RN) (simp add: "ex:4:b")
1581
1582AOT_theorem "all-self=:1": α(α = α)
1583  by (rule RN; rule GEN) (fact "id-eq:1")
1584AOT_theorem "all-self=:2": α(α = α)
1585  by (rule GEN; rule RN) (fact "id-eq:1")
1586
1587AOT_theorem "id-nec:1": α = β  (α = β)
1588proof(rule "→I")
1589  AOT_assume α = β
1590  moreover AOT_have (α = α)
1591    by (rule RN) (fact "id-eq:1")
1592  ultimately AOT_show (α = β) using "rule=E" by fast
1593qed
1594
1595AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1596proof(rule "→I")
1597  AOT_assume asm: τ = σ
1598  moreover AOT_have τ
1599    using calculation "t=t-proper:1" "→E" by blast
1600  moreover AOT_have (τ = τ)
1601    using calculation "all-self=:2" "∀E"(1) by blast
1602  ultimately AOT_show (τ = σ) using "rule=E" by fast
1603qed
1604
1605AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1606proof (rule "≡I"; rule "→I")
1607  AOT_assume asm: φ{α}
1608  AOT_show β (β = α & φ{β})
1609    by (rule "∃I"(2)[where β=α]; rule "&I")
1610       (auto simp: "id-eq:1" asm)
1611next
1612  AOT_assume 0: β (β = α & φ{β})
1613  AOT_obtain β where β = α & φ{β}
1614    using "∃E"[rotated, OF 0] by blast
1615  AOT_thus φ{α} using "&E" "rule=E" by blast
1616qed
1617
1618AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1619proof(rule "→I")
1620  AOT_assume τ
1621  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1622    by (rule GEN) (fact "term-out:1")
1623  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1624    using "∀E" by blast
1625qed
1626
1627(* TODO: example of an apply-style proof. Keep or reformulate? *)
1628AOT_theorem "term-out:3":
1629  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1630  apply (rule "≡I"; rule "→I")
1631   apply (frule "&E"(1))
1632   apply (drule "&E"(2))
1633   apply (rule GEN; rule "≡I"; rule "→I")
1634  using "rule-ui:2[const_var]" "vdash-properties:5"
1635    apply blast
1636   apply (meson "rule=E" "id-eq:1")
1637  apply (rule "&I")
1638  using "id-eq:1" "≡E"(2) "rule-ui:3"
1639   apply blast
1640  apply (rule GEN; rule "→I")
1641  using "≡E"(1) "rule-ui:2[const_var]"
1642  by blast
1643
1644(* Note: generalized alphabetic variant of the last theorem. *)
1645AOT_theorem "term-out:4":
1646  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1647  using "term-out:3" .
1648
1649(* TODO: would of course be nice to define it without the syntax magic *)
1650AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1651  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1652syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1653AOT_syntax_print_translations
1654  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1655syntax
1656   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1657   (∃!_...∃!_ _› [1,40])
1658parse_ast_translation1659[(syntax_const‹_AOT_exists_unique_ellipse›,
1660  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1661  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1662 (syntax_const‹_AOT_exists_unique›,
1663  AOT_restricted_binder
1664    const_name‹AOT_exists_unique›
1665    const_syntax‹AOT_conj›)]
1666print_translationAOT_syntax_print_translations [
1667  AOT_preserve_binder_abs_tr'
1668    const_syntax‹AOT_exists_unique›
1669    syntax_const‹_AOT_exists_unique›
1670    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1671    const_name‹AOT_conj›,
1672  AOT_binder_trans
1673    @{theory}
1674    @{binding "AOT_exists_unique_binder"}
1675    syntax_const‹_AOT_exists_unique›
1676]
1677
1678
1679context AOT_meta_syntax
1680begin
1681notation AOT_exists_unique (binder "!" 20)
1682end
1683context AOT_no_meta_syntax
1684begin
1685no_notation AOT_exists_unique (binder "!" 20)
1686end
1687
1688AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1689proof(rule "≡I"; rule "→I")
1690    AOT_assume ∃!α φ{α}
1691    AOT_hence α (φ{α} & β (φ{β}  β = α))
1692      using "uniqueness:1" "≡dfE" by blast
1693    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1694      using "instantiation"[rotated] by blast
1695    AOT_hence β(φ{β}  β = α)
1696      using "term-out:3" "≡E" by blast
1697    AOT_thus αβ(φ{β}  β = α)
1698      using "∃I" by fast
1699next
1700    AOT_assume αβ(φ{β}  β = α)
1701    then AOT_obtain α where β (φ{β}  β = α)
1702      using "instantiation"[rotated] by blast
1703    AOT_hence φ{α} & β (φ{β}  β = α)
1704      using "term-out:3" "≡E" by blast
1705    AOT_hence α (φ{α} & β (φ{β}  β = α))
1706      using "∃I" by fast
1707    AOT_thus ∃!α φ{α}
1708      using "uniqueness:1" "≡dfI" by blast
1709qed
1710
1711AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1712proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1713  fix β γ
1714  AOT_assume ∃!α φ{α}
1715  AOT_hence αβ(φ{β}  β = α)
1716    using "uniqueness:2" "≡E" by blast
1717  then AOT_obtain α where β(φ{β}  β = α)
1718    using "instantiation"[rotated] by blast
1719  moreover AOT_assume φ{β} & φ{γ}
1720  ultimately AOT_have β = α and γ = α
1721    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1722  AOT_thus β = γ
1723    by (metis "rule=E" "id-eq:2" "→E")
1724qed
1725
1726AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1727proof (rule "→I"; rule "→I")
1728  AOT_assume a: α(φ{α}  φ{α})
1729  AOT_assume ∃!α φ{α}
1730  AOT_hence α (φ{α} & β (φ{β}  β = α))
1731    using "uniqueness:1" "≡dfE" by blast
1732  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1733    using "instantiation"[rotated] by blast
1734  AOT_have φ{α}
1735    using ξ a "&E" "∀E" "→E" by fast
1736  moreover AOT_have β (φ{β}  β = α)
1737    apply (rule GEN; rule "→I")
1738    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1739          "qml:2"[axiom_inst, THEN "→E"] by blast
1740  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1741    using "&I" by blast
1742  AOT_thus ∃!α φ{α}
1743    using "uniqueness:1" "≡dfI" "∃I" by fast
1744qed
1745
1746subsection‹The Theory of Actuality and Descriptions›
1747text‹\label{PLM: 9.8}›
1748
1749AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1750  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1751
1752AOT_theorem "nec-imp-act": φ  𝒜φ
1753  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1754            "qml:2"[THEN act_closure, axiom_inst]
1755            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1756
1757AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1758  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1759        "logic-actual-nec:4"[axiom_inst] by blast
1760
1761AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1762  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1763            "logic-actual-nec:4"[axiom_inst] RAA(1))
1764
1765AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1766proof -
1767  AOT_have (φ  (ψ  (φ & ψ)))
1768    by (rule RN) (fact Adjunction)
1769  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1770    using "nec-imp-act" "→E" by blast
1771  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1772    using "act-cond" "→E" by blast
1773  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1774    by (fact "act-cond")
1775  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1776    using "→I" "→E" by metis
1777  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1778    by (metis Importation "→E")
1779qed
1780
1781AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1782proof -
1783  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1784    by (fact "act-conj-act:3")
1785  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1786    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1787  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1788    using "→E" by blast
1789  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1790    using "conventions:3"[THEN "df-rules-formulas[2]",
1791                          THEN act_closure, axiom_inst] by blast
1792  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1793    using "act-cond" "→E" by blast
1794  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1795qed
1796
1797(* TODO: consider introducing AOT_inductive *)
1798inductive arbitrary_actualization for φ where
1799  arbitrary_actualization φ «𝒜φ»
1800| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1801declare arbitrary_actualization.cases[AOT]
1802        arbitrary_actualization.induct[AOT]
1803        arbitrary_actualization.simps[AOT]
1804        arbitrary_actualization.intros[AOT]
1805syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1806  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1807
1808notepad
1809begin
1810  AOT_modally_strict {
1811    fix φ
1812    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1813      using AOT_PLM.arbitrary_actualization.intros by metis
1814    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1815      using AOT_PLM.arbitrary_actualization.intros by metis
1816    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1817      using AOT_PLM.arbitrary_actualization.intros by metis
1818  }
1819end
1820
1821
1822AOT_theorem "closure-act:1":
1823  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1824  shows ψ
1825using assms proof(induct)
1826  case 1
1827  AOT_show 𝒜(𝒜φ  φ)
1828    by (simp add: "act-conj-act:4")
1829next
1830  case (2 ψ)
1831  AOT_thus 𝒜ψ
1832    by (metis arbitrary_actualization.simps "≡E"(1)
1833              "logic-actual-nec:4"[axiom_inst])
1834qed
1835
1836AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1837  by (simp add: "act-conj-act:4" "∀I")
1838
1839AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1840  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1841            "logic-actual-nec:3"[axiom_inst]
1842            "logic-actual-nec:4"[axiom_inst])
1843
1844AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1845  using "closure-act:3" .
1846
1847(* TODO: examine these proofs *)
1848AOT_act_theorem "RA[1]":
1849  assumes  φ
1850  shows  𝒜φ
1851  ― ‹While this proof is rejected in PLM,
1852      we merely state it as modally-fragile rule,
1853      which addresses the concern in PLM.›
1854  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1855        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1856AOT_theorem "RA[2]":
1857  assumes  φ
1858  shows  𝒜φ
1859  ― ‹This rule is in fact a consequence of RN and
1860      does not require an appeal to the semantics itself.›
1861  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1862AOT_theorem "RA[3]":
1863  assumes Γ  φ
1864  shows 𝒜Γ  𝒜φ
1865  text‹This appears to only be derivable this is derivable
1866       from the semantics, but apparently no proof actually relies on it.
1867       If this turns out to be required, it is valid to derive it from the
1868       semantics just like RN, but we refrain from doing so, unless necessary.›
1869  (*  using assms by (meson AOT_sem_act imageI) *)
1870  oops
1871
1872AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1873  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1874                "≡I" "logic-actual"[act_axiom_inst])
1875
1876AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1877  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1878        "useful-tautologies:2" by blast
1879
1880AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1881  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1882
1883AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1884proof (rule "≡I"; rule "→I")
1885  AOT_assume 𝒜(φ & ψ)
1886  moreover AOT_have 𝒜((φ & ψ)  φ)
1887    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1888  moreover AOT_have 𝒜((φ & ψ)  ψ)
1889    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1890  ultimately AOT_show 𝒜φ & 𝒜ψ
1891    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1892next
1893  AOT_assume 𝒜φ & 𝒜ψ
1894  AOT_thus 𝒜(φ & ψ)
1895    using "act-conj-act:3" "vdash-properties:6" by blast
1896qed
1897
1898AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1899proof (rule "≡I"; rule "→I")
1900  AOT_assume 𝒜(φ  ψ)
1901  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1902    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1903  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1904    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1905  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1906    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1907next
1908  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1909  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1910    by (metis "act-conj-act:3" "vdash-properties:10")
1911  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1912    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1913                  "vdash-properties:1[2]")
1914  ultimately AOT_show 𝒜(φ  ψ)
1915    using "act-cond"[THEN "→E", THEN "→E"] by metis
1916qed
1917
1918AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1919proof (rule "≡I"; rule "→I")
1920  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1921  AOT_show 𝒜φ  𝒜ψ
1922    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1923next
1924  AOT_assume 𝒜φ  𝒜ψ
1925  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1926    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1927qed
1928
1929AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1930  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1931
1932AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1933  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1934
1935AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1936  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1937            "qml-act:2"[axiom_inst])
1938
1939AOT_theorem "Act-Basic:8": φ  𝒜φ
1940  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1941
1942AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1943proof (rule "≡I"; rule "→I")
1944  AOT_assume 𝒜(φ  ψ)
1945  AOT_thus 𝒜φ  𝒜ψ
1946  proof (rule "raa-cor:3")
1947    AOT_assume ¬(𝒜φ  𝒜ψ)
1948    AOT_hence ¬𝒜φ & ¬𝒜ψ
1949      by (metis "≡E"(1) "oth-class-taut:5:d")
1950    AOT_hence 𝒜¬φ & 𝒜¬ψ
1951      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1952    AOT_hence 𝒜(¬φ & ¬ψ)
1953      using "≡E" "Act-Basic:2" by metis
1954    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1955      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1956    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1957      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1958    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1959    AOT_thus ¬𝒜(φ  ψ)
1960      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1961  qed
1962next
1963  AOT_assume 𝒜φ  𝒜ψ
1964  AOT_thus 𝒜(φ  ψ)
1965    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1966qed
1967
1968AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1969proof -
1970  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1971    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1972       (metis "logic-actual-nec:3"[axiom_inst])
1973  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1974    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1975       (rule "logic-actual-nec:1"[THEN universal_closure,
1976               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1977  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1978    using "conventions:4"[THEN "df-rules-formulas[1]",
1979                          THEN act_closure, axiom_inst]
1980          "conventions:4"[THEN "df-rules-formulas[2]",
1981                          THEN act_closure, axiom_inst]
1982    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1983  also AOT_have   ¬𝒜α ¬φ{α}
1984    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1985  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1986  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1987  also AOT_have   α 𝒜 φ{α}
1988    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1989  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1990qed
1991
1992
1993AOT_theorem "Act-Basic:11":
1994  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1995proof(rule "≡I"; rule "→I")
1996  AOT_assume 𝒜α(φ{α}  ψ{α})
1997  AOT_hence α𝒜(φ{α}  ψ{α})
1998    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1999  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
2000  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
2001  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
2002next
2003  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
2004  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
2005  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
2006  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
2007  AOT_thus 𝒜α(φ{α}  ψ{α})
2008    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2009qed
2010
2011AOT_act_theorem "act-quant-uniq":
2012  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
2013proof(rule "≡I"; rule "→I")
2014  AOT_assume β(𝒜φ{β}  β = α)
2015  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2016  AOT_hence φ{β}  β = α for β
2017    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2018    by metis
2019  AOT_thus β(φ{β}  β = α) by (rule "∀I")
2020next
2021  AOT_assume β(φ{β}  β = α)
2022  AOT_hence φ{β}  β = α for β using "∀E" by blast
2023  AOT_hence 𝒜φ{β}  β = α for β
2024    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2025    by metis
2026  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2027qed
2028
2029AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2030  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2031
2032AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2033  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2034        "fund-cont-desc" "≡E"(5) by blast
2035
2036
2037locale russell_axiom =
2038  fixes ψ
2039  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2040begin
2041AOT_act_theorem "russell-axiom":
2042  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2043proof -
2044  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2045    using hintikka "∀I" by fast
2046  show ?thesis
2047  proof(rule "≡I"; rule "→I")
2048    AOT_assume c: ψ{ιx φ{x}}
2049    AOT_hence d: ιx φ{x}
2050      using ψ_denotes_asm by blast
2051    AOT_hence y (y = ιx φ{x})
2052      by (metis "rule=I:1" "existential:1")
2053    then AOT_obtain a where a_def: a = ιx φ{x}
2054      using "instantiation"[rotated] by blast
2055    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2056      using b "∀E" by blast
2057    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2058      using "≡E" by blast
2059    moreover AOT_have ψ{a}
2060    proof - 
2061      AOT_have 1: xy(x = y  y = x)
2062        by (simp add: "id-eq:2" "universal-cor")
2063      AOT_have a = ιx φ{x}   ιx φ{x} = a
2064        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2065           (auto simp: 1 d "universal-cor")
2066      AOT_thus ψ{a}
2067        using a_def c "rule=E" "→E" by blast
2068    qed
2069    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2070    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2071  next
2072    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2073    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2074      using "instantiation"[rotated] by blast
2075    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2076      using b "∀E" by blast
2077    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2078      using g "&E" by blast+
2079    AOT_hence b = ιx φ{x} using h "≡E" by blast
2080    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2081  qed
2082qed
2083end
2084
2085(* TODO: this nicely shows off using locales with the embedding,
2086         but maybe there is still a nicer way *)
2087(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these
2088         instantiation instead of referring to cqt:5:a - should be fixed *)
2089interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2090  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2091interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2092  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2093interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2094  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2095interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2096  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2097interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2098  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2099interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2100  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2101interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2102  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2103interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2104  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2105interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2106  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2107interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2108  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2109interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2110  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2111
2112interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2113  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2114interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2115  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2116interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2117  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2118interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2119  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2120interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2121  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2122interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2123  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2124interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2125  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2126interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2127  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2128interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2129  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2130interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2131  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2132interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2133  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2134
2135AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2136proof(rule "≡I"; rule "→I")
2137  AOT_assume ιx φ{x}
2138  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2139  then AOT_obtain a where a = ιx φ{x}
2140    using "instantiation"[rotated] by blast
2141  AOT_hence φ{a} & z (φ{z}  z = a)
2142    using hintikka "≡E" by blast
2143  AOT_hence x (φ{x} & z (φ{z}  z = x))
2144    by (rule "∃I")
2145  AOT_thus ∃!x φ{x}
2146    using "uniqueness:1"[THEN "≡dfI"] by blast
2147next
2148  AOT_assume ∃!x φ{x}
2149  AOT_hence x (φ{x} & z (φ{z}  z = x))
2150    using "uniqueness:1"[THEN "≡dfE"] by blast
2151  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2152    using "instantiation"[rotated] by blast
2153  AOT_hence b = ιx φ{x}
2154    using hintikka "≡E" by blast
2155  AOT_thus ιx φ{x}
2156    by (metis "t=t-proper:2" "vdash-properties:6")
2157qed
2158
2159AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2160  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2161
2162AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2163  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2164
2165(* Note: generalized alphabetic variant of the last theorem *)
2166AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2167
2168AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2169proof(rule "→I")
2170  AOT_assume ιx φ{x}
2171  AOT_hence y (y = ιx φ{x})
2172    by (metis "rule=I:1" "existential:1")
2173  then AOT_obtain a where a = ιx φ{x}
2174    using "instantiation"[rotated] by blast
2175  moreover AOT_have φ{a}
2176    using calculation hintikka "≡E"(1) "&E" by blast
2177  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2178qed
2179
2180AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2181  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2182
2183
2184AOT_theorem "act-quant-nec":
2185  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2186proof(rule "≡I"; rule "→I")
2187  AOT_assume β (𝒜φ{β}  β = α)
2188  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2189  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2190    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2191  AOT_thus β(𝒜𝒜φ{β}  β = α)
2192    by (rule "∀I")
2193next
2194  AOT_assume β(𝒜𝒜φ{β}  β = α)
2195  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2196  AOT_hence 𝒜φ{β}  β = α for β
2197    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2198  AOT_thus β (𝒜φ{β}  β = α)
2199    by (rule "∀I")
2200qed
2201
2202AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2203proof -
2204  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2205    using descriptions[axiom_inst] by blast
2206  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2207  proof(rule "≡I"; rule "→I"; rule "∀I")
2208    AOT_assume z (𝒜φ{z}  z = x)
2209    AOT_hence 𝒜φ{a}  a = x for a
2210      using "∀E" by blast
2211    AOT_thus 𝒜𝒜φ{a}  a = x for a
2212      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2213  next
2214    AOT_assume z (𝒜𝒜φ{z}  z = x)
2215    AOT_hence 𝒜𝒜φ{a}  a = x for a
2216      using "∀E" by blast
2217    AOT_thus 𝒜φ{a}  a = x for a
2218      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2219  qed
2220  also AOT_have ...  x = ιx(𝒜φ{x})
2221    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2222  finally show ?thesis .
2223qed
2224
2225AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2226proof(rule "→I")
2227  AOT_assume ιx φ{x}
2228  AOT_hence y (y = ιx φ{x})
2229    by (metis "rule=I:1" "existential:1")
2230  then AOT_obtain a where a = ιx φ{x}
2231    using "instantiation"[rotated] by blast
2232  moreover AOT_have a = ιx(𝒜φ{x})
2233    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2234  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2235    using "rule=E" by fast
2236qed
2237
2238AOT_theorem "nec-hintikka-scheme":
2239  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2240proof -
2241  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2242    using descriptions[axiom_inst] by blast
2243  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2244    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2245  finally show ?thesis.
2246qed
2247
2248AOT_theorem "equiv-desc-eq:1":
2249  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2250proof(rule "→I"; rule "∀I")
2251  fix β
2252  AOT_assume 𝒜x(φ{x}  ψ{x})
2253  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2254    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2255  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2256    by (metis "Act-Basic:5" "≡E"(1))
2257  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2258    using "nec-hintikka-scheme" by blast
2259  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2260  proof (rule "≡I"; rule "→I")
2261    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2262    AOT_hence 𝒜φ{z}  z = β for z
2263      using "&E" "∀E" by blast
2264    AOT_hence 𝒜ψ{z}  z = β for z
2265      using 0 "≡E" "→I" "→E" by metis
2266    AOT_hence z(𝒜ψ{z}  z = β)
2267      using "∀I" by fast
2268    moreover AOT_have 𝒜ψ{β}
2269      using "&E" 0[THEN "≡E"(1)] 1 by blast
2270    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2271      using "&I" by blast
2272  next
2273    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2274    AOT_hence 𝒜ψ{z}  z = β for z
2275      using "&E" "∀E" by blast
2276    AOT_hence 𝒜φ{z}  z = β for z
2277      using 0 "≡E" "→I" "→E" by metis
2278    AOT_hence z(𝒜φ{z}  z = β)
2279      using "∀I" by fast
2280    moreover AOT_have 𝒜φ{β}
2281      using "&E" 0[THEN "≡E"(2)] 1 by blast
2282    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2283      using "&I" by blast
2284  qed
2285  also AOT_have ...  β = ιx ψ{x}
2286    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2287  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2288qed
2289
2290AOT_theorem "equiv-desc-eq:2":
2291  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2292proof(rule "→I")
2293  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2294  AOT_hence 0: y (y = ιx φ{x}) and
2295            1: x (x = ιx φ{x}  x = ιx ψ{x})
2296    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2297  then AOT_obtain a where a = ιx φ{x}
2298    using "instantiation"[rotated] by blast
2299  moreover AOT_have a = ιx ψ{x}
2300    using calculation 1 "∀E" "≡E"(1) by fast
2301  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2302    using "rule=E" by fast
2303qed
2304
2305AOT_theorem "equiv-desc-eq:3":
2306  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2307  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2308        "nec-imp-act"[THEN "→E"] by metis
2309
2310(* Note: this is a special case of "exist-nec" *)
2311AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2312proof(rule "→I")
2313  AOT_assume ιx φ{x}
2314  AOT_hence y (y = ιx φ{x})
2315    by (metis "rule=I:1" "existential:1")
2316  then AOT_obtain a where a = ιx φ{x}
2317    using "instantiation"[rotated] by blast
2318  AOT_thus ιx φ{x}
2319    using "ex:2:a" "rule=E" by fast
2320qed
2321
2322AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2323proof(rule "→I")
2324  AOT_assume ιx φ{x}
2325  AOT_hence y (y = ιx φ{x})
2326    by (metis "rule=I:1" "existential:1")
2327  then AOT_obtain a where a = ιx φ{x}
2328    using "instantiation"[rotated] by blast
2329  AOT_hence (a = ιx φ{x})
2330    by (metis "id-nec:2" "vdash-properties:10")
2331  AOT_thus y (y = ιx φ{x})
2332    by (rule "∃I")
2333qed
2334
2335AOT_act_theorem "equiv-desc-eq2:1":
2336  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2337  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2338        "equiv-desc-eq:1"[THEN "→E"]
2339        "RA[1]" "deduction-theorem" by blast
2340
2341AOT_act_theorem "equiv-desc-eq2:2":
2342  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2343  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2344        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2345        "RA[1]" "deduction-theorem" "&E" by metis
2346
2347context russell_axiom
2348begin
2349AOT_theorem "nec-russell-axiom":
2350  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2351proof -
2352  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2353    using "nec-hintikka-scheme" "∀I" by fast
2354  show ?thesis
2355  proof(rule "≡I"; rule "→I")
2356    AOT_assume c: ψ{ιx φ{x}}
2357    AOT_hence d: ιx φ{x}
2358      using ψ_denotes_asm by blast
2359    AOT_hence y (y = ιx φ{x})
2360      by (metis "rule=I:1" "existential:1")
2361    then AOT_obtain a where a_def: a = ιx φ{x}
2362      using "instantiation"[rotated] by blast
2363    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2364      using b "∀E" by blast
2365    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2366      using "≡E" by blast
2367    moreover AOT_have ψ{a}
2368    proof - 
2369      AOT_have 1: xy(x = y  y = x)
2370        by (simp add: "id-eq:2" "universal-cor")
2371      AOT_have a = ιx φ{x}   ιx φ{x} = a
2372        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2373           (auto simp: d "universal-cor" 1)
2374      AOT_thus ψ{a}
2375        using a_def c "rule=E" "→E" by metis
2376    qed
2377    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2378      by (rule "&I")
2379    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2380      by (rule "∃I")
2381  next
2382    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2383    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2384      using "instantiation"[rotated] by blast
2385    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2386      using b "∀E" by blast
2387    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2388      using g "&E" by blast+
2389    AOT_hence b = ιx φ{x}
2390      using h "≡E" by blast
2391    AOT_thus ψ{ιx φ{x}}
2392      using j "rule=E" by blast
2393  qed
2394qed
2395end
2396
2397AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2398proof (rule "≡I"; rule "→I")
2399  AOT_assume ιx φ{x}
2400  AOT_hence y (y = ιx φ{x})
2401    by (metis "rule=I:1" "existential:1")
2402  then AOT_obtain a where a = ιx φ{x}
2403    using "instantiation"[rotated] by blast
2404  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2405    using descriptions[axiom_inst] by blast
2406  ultimately AOT_have z(𝒜φ{z}  z = a)
2407    using "≡E" by blast
2408  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2409  AOT_thus ∃!x 𝒜φ{x}
2410    using "uniqueness:2"[THEN "≡E"(2)] by fast
2411next
2412  AOT_assume ∃!x 𝒜φ{x}
2413  AOT_hence xz(𝒜φ{z}  z = x)
2414    using "uniqueness:2"[THEN "≡E"(1)] by fast
2415  then AOT_obtain a where z(𝒜φ{z}  z = a)
2416    using "instantiation"[rotated] by blast
2417  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2418    using descriptions[axiom_inst] by blast
2419  ultimately AOT_have a = ιx φ{x}
2420    using "≡E" by blast
2421  AOT_thus ιx φ{x}
2422    by (metis "t=t-proper:2" "vdash-properties:6")
2423qed
2424
2425AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2426  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2427        "reductio-aa:2" "vdash-properties:9" by blast
2428
2429(* Note: generalized alphabetic variant of the last theorem *)
2430AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2431  using "actual-desc:2".
2432
2433AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2434proof(rule "→I")
2435  AOT_assume ιx φ{x}
2436  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2437  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2438  AOT_thus 𝒜φ{ιx φ{x}}
2439    using "actual-desc:2" "rule=E" "→E" by fast
2440qed
2441
2442(* TODO: take another look at proof in PLM *)
2443AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2444proof(rule "→I")
2445  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2446  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2447    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2448  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2449    by (metis "rule=I:1" "existential:1")+
2450  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2451    using "instantiation"[rotated] by metis
2452
2453  AOT_have αβ (α = β  β = α)
2454    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2455  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2456    using "∀E" φ_down by blast
2457  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2458    using "∀E" ψ_down by blast
2459  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2460    "→E" by blast
2461
2462  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2463  proof(rule "≡I"; rule "→I")
2464    AOT_assume 𝒜φ{x}
2465    moreover AOT_have 𝒜φ{x}  x = a for x
2466      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2467            "∀E" by blast
2468    ultimately AOT_have x = a
2469      using "→E" by blast
2470    AOT_hence x = ιx φ{x}
2471      using a_eq "rule=E" by blast
2472    AOT_hence x = ιx ψ{x}
2473      using 0 "rule=E" by blast
2474    AOT_thus 𝒜ψ{x}
2475      by (metis "actual-desc:3" "vdash-properties:6")
2476  next
2477    AOT_assume 𝒜ψ{x}
2478    moreover AOT_have 𝒜ψ{x}  x = b for x
2479      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2480            "∀E" by blast
2481    ultimately AOT_have x = b
2482      using "→E" by blast
2483    AOT_hence x = ιx ψ{x}
2484      using b_eq "rule=E" by blast
2485    AOT_hence x = ιx φ{x}
2486      using 1 "rule=E" by blast
2487    AOT_thus 𝒜φ{x}
2488      by (metis "actual-desc:3" "vdash-properties:6")
2489  qed
2490  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2491    by (metis "Act-Basic:5" "≡E"(2))
2492  AOT_hence x 𝒜(φ{x}  ψ{x})
2493    by (rule "∀I")
2494  AOT_thus 𝒜x (φ{x}  ψ{x})
2495    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2496qed    
2497
2498AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2499proof(rule "→I")
2500  AOT_assume ∃!x φ{x}
2501  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2502    using "uniqueness:1"[THEN "≡dfE"] by blast
2503  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2504    using "instantiation"[rotated] by blast
2505  AOT_show y (y = ιx φ{x}  φ{y})
2506  proof(rule GEN; rule "→I")
2507    fix y
2508    AOT_assume y = ιx φ{x}
2509    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2510      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2511    AOT_hence 𝒜φ{b}  b = y
2512      using "&E" "∀E" by blast
2513    moreover AOT_have 𝒜φ{b}
2514      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2515    ultimately AOT_have b = y
2516      using "→E" by blast
2517    moreover AOT_have φ{b}
2518      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2519    ultimately AOT_show φ{y}
2520      using "rule=E" by blast
2521  qed
2522qed
2523
2524AOT_theorem "!box-desc:2":
2525  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2526proof(rule "→I"; rule "→I")
2527  AOT_assume x (φ{x}  φ{x})
2528  moreover AOT_assume ∃!x φ{x}
2529  ultimately AOT_have ∃!x φ{x}
2530    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2531  AOT_thus y (y = ιx φ{x}  φ{y})
2532    using "!box-desc:1" "→E" by blast
2533qed
2534
2535(* Note: vacuous in the embedding. *)
2536AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2537  by (simp add: "rule=I:1" "→I")
2538
2539subsection‹The Theory of Necessity›
2540text‹\label{PLM: 9.9}›
2541
2542AOT_theorem "RM:1[prem]":
2543  assumes Γ  φ  ψ
2544  shows Γ  φ  ψ
2545proof -
2546  AOT_have Γ  (φ  ψ)
2547    using "RN[prem]" assms by blast
2548  AOT_thus Γ  φ  ψ
2549    by (metis "qml:1"[axiom_inst] "→E")
2550qed
2551
2552AOT_theorem "RM:1":
2553  assumes  φ  ψ
2554  shows  φ  ψ
2555  using "RM:1[prem]" assms by blast
2556
2557lemmas RM = "RM:1"
2558
2559AOT_theorem "RM:2[prem]":
2560  assumes Γ  φ  ψ
2561  shows Γ  φ  ψ
2562proof -
2563  AOT_have Γ  ¬ψ  ¬φ
2564    using assms 
2565    by (simp add: "contraposition:1[1]")
2566  AOT_hence Γ  ¬ψ  ¬φ
2567    using "RM:1[prem]" by blast
2568  AOT_thus Γ  φ  ψ
2569    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2570qed
2571
2572AOT_theorem "RM:2":
2573  assumes  φ  ψ
2574  shows  φ  ψ
2575  using "RM:2[prem]" assms by blast
2576
2577lemmas "RM◇" = "RM:2"
2578
2579AOT_theorem "RM:3[prem]":
2580  assumes Γ  φ  ψ
2581  shows Γ  φ  ψ
2582proof -
2583  AOT_have Γ  φ  ψ and Γ  ψ  φ
2584    using assms "≡E" "→I" by metis+
2585  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2586    using "RM:1[prem]" by metis+
2587  AOT_thus Γ  φ  ψ
2588    by (simp add: "≡I")
2589qed
2590
2591AOT_theorem "RM:3":
2592  assumes  φ  ψ
2593  shows  φ  ψ
2594  using "RM:3[prem]" assms by blast
2595
2596lemmas RE = "RM:3"
2597
2598AOT_theorem "RM:4[prem]":
2599  assumes Γ  φ  ψ
2600  shows Γ  φ  ψ
2601proof -
2602  AOT_have Γ  φ  ψ and Γ  ψ  φ
2603    using assms "≡E" "→I" by metis+
2604  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2605    using "RM:2[prem]" by metis+
2606  AOT_thus Γ  φ  ψ
2607    by (simp add: "≡I")
2608qed
2609
2610AOT_theorem "RM:4":
2611  assumes  φ  ψ
2612  shows  φ  ψ
2613  using "RM:4[prem]" assms by blast
2614
2615lemmas "RE◇" = "RM:4"
2616
2617AOT_theorem "KBasic:1": φ  (ψ  φ)
2618  by (simp add: RM "pl:1"[axiom_inst])
2619
2620AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2621  by (simp add: RM "useful-tautologies:3")
2622
2623AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2624proof (rule "≡I"; rule "→I")
2625  AOT_assume (φ & ψ)
2626  AOT_thus φ & ψ
2627    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2628next
2629  AOT_have φ  (ψ  (φ & ψ))
2630    by (simp add: "RM:1" Adjunction)
2631  AOT_hence φ  (ψ  (φ & ψ))
2632    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2633  moreover AOT_assume φ & ψ
2634  ultimately AOT_show (φ & ψ)
2635    using "→E" "&E" by blast
2636qed
2637
2638AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2639proof -
2640  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2641    by (fact "KBasic:3")
2642  AOT_modally_strict {
2643    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2644      by (fact "conventions:3"[THEN "≡Df"])
2645  }
2646  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2647    by (rule RE)
2648  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2649    using "≡E"(5) by blast
2650qed
2651
2652AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2653proof -
2654  AOT_have (φ  ψ)  (φ  ψ)
2655    by (fact "qml:1"[axiom_inst])
2656  moreover AOT_have (ψ  φ)  (ψ  φ)
2657    by (fact "qml:1"[axiom_inst])
2658  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2659    by (metis "&I" MP "Double Composition")
2660  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2661    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2662  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2663    by (metis "Hypothetical Syllogism")
2664qed
2665
2666AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2667  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2668AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2669proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2670  AOT_assume φ & ψ
2671  AOT_hence φ and ψ using "&E" by blast+
2672  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2673  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2674  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2675next
2676  AOT_assume ¬φ & ¬ψ
2677  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2678  AOT_modally_strict {
2679    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2680      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2681  }
2682  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2683    by (rule RM)
2684  AOT_thus (φ  ψ) using 0 "→E" by blast
2685qed(auto)
2686
2687AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2688  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2689AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2690  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2691AOT_theorem "KBasic:10": φ  ¬¬φ
2692  by (simp add: "RM:3" "oth-class-taut:3:b")
2693AOT_theorem "KBasic:11": ¬φ  ¬φ
2694proof (rule "≡I"; rule "→I")
2695  AOT_show ¬φ if ¬φ
2696    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2697next
2698  AOT_show ¬φ if ¬φ
2699    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2700qed
2701AOT_theorem "KBasic:12": φ  ¬¬φ
2702proof (rule "≡I"; rule "→I")
2703  AOT_show ¬¬φ if φ
2704    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2705next
2706  AOT_show φ if ¬¬φ
2707  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2708qed
2709AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2710proof -
2711  AOT_have φ  ψ  φ  ψ by blast
2712  AOT_hence (φ  ψ)  φ  ψ
2713    using "RM:2[prem]" by blast
2714  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2715qed
2716lemmas "K◇" = "KBasic:13"
2717AOT_theorem "KBasic:14": φ  ¬¬φ
2718  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2719AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2720proof -
2721  AOT_modally_strict {
2722    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2723      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2724  }
2725  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2726    using RM by blast+
2727  AOT_thus (φ  ψ)  (φ  ψ)
2728    by (metis "∨E"(1) "deduction-theorem")
2729qed
2730
2731AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2732  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2733            Importation "→E")
2734
2735AOT_theorem "rule-sub-lem:1:a":
2736  assumes  (ψ  χ)
2737  shows  ¬ψ  ¬χ
2738  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2739        "≡E"(1) "oth-class-taut:4:b" by blast
2740
2741AOT_theorem "rule-sub-lem:1:b":
2742  assumes  (ψ  χ)
2743  shows  (ψ  Θ)  (χ  Θ)
2744  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2745  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2746
2747AOT_theorem "rule-sub-lem:1:c":
2748  assumes  (ψ  χ)
2749  shows  (Θ  ψ)  (Θ  χ)
2750  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2751  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2752
2753AOT_theorem "rule-sub-lem:1:d":
2754  assumes for arbitrary α:  (ψ{α}  χ{α})
2755  shows  α ψ{α}  α χ{α}
2756proof -
2757  AOT_modally_strict {
2758    AOT_have α (ψ{α}  χ{α})
2759      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2760    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2761    AOT_show α ψ{α}  α χ{α}
2762    proof (rule "≡I"; rule "→I")
2763      AOT_assume α ψ{α}
2764      AOT_hence ψ{α} for α using "∀E" by blast
2765      AOT_hence χ{α} for α using 0 "≡E" by blast
2766      AOT_thus α χ{α} by (rule "∀I")
2767    next
2768      AOT_assume α χ{α}
2769      AOT_hence χ{α} for α using "∀E" by blast
2770      AOT_hence ψ{α} for α using 0 "≡E" by blast
2771      AOT_thus α ψ{α} by (rule "∀I")
2772    qed
2773  }
2774qed
2775
2776AOT_theorem "rule-sub-lem:1:e":
2777  assumes  (ψ  χ)
2778  shows   ψ]   χ]
2779  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2780  using "≡E"(1) "propositions-lemma:6" by blast
2781
2782AOT_theorem "rule-sub-lem:1:f":
2783  assumes  (ψ  χ)
2784  shows  𝒜ψ  𝒜χ
2785  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2786  by (metis "Act-Basic:5" "≡E"(1))
2787
2788AOT_theorem "rule-sub-lem:1:g":
2789  assumes  (ψ  χ)
2790  shows  ψ  χ
2791  using "KBasic:6" assms "vdash-properties:6" by blast
2792
2793text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2794     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2795     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2796
2797class AOT_subst =
2798  fixes AOT_subst :: "('a  𝗈)  bool"
2799    and AOT_subst_cond :: "'a  'a  bool"
2800  assumes AOT_subst:
2801    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2802
2803named_theorems AOT_substI
2804
2805instantiation 𝗈 :: AOT_subst
2806begin
2807
2808inductive AOT_subst_𝗈 where
2809  AOT_subst_𝗈_id[AOT_substI]:
2810    AOT_subst_𝗈 (λφ. φ)
2811  | AOT_subst_𝗈_const[AOT_substI]:
2812    AOT_subst_𝗈 (λφ. ψ)
2813  | AOT_subst_𝗈_not[AOT_substI]:
2814    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2815  | AOT_subst_𝗈_imp[AOT_substI]:
2816    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2817  | AOT_subst_𝗈_lambda0[AOT_substI]:
2818    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2819  | AOT_subst_𝗈_act[AOT_substI]:
2820    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2821  | AOT_subst_𝗈_box[AOT_substI]:
2822    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2823  | AOT_subst_𝗈_by_def[AOT_substI]:
2824    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2825      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2826
2827
2828definition AOT_subst_cond_𝗈 where
2829  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2830
2831instance
2832proof
2833  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2834  assume cond: ‹AOT_subst_cond ψ χ
2835  assume ‹AOT_subst φ
2836  moreover AOT_have  ψ  χ
2837    using cond unfolding AOT_subst_cond_𝗈_def by blast
2838  ultimately AOT_show  φ{ψ}  φ{χ}
2839  proof (induct arbitrary: ψ χ)
2840    case AOT_subst_𝗈_id
2841    thus ?case
2842      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2843  next
2844    case (AOT_subst_𝗈_const ψ)
2845    thus ?case
2846      by (simp add: "oth-class-taut:3:a")
2847  next
2848    case (AOT_subst_𝗈_not Θ)
2849    thus ?case
2850      by (simp add: RN "rule-sub-lem:1:a")
2851  next
2852    case (AOT_subst_𝗈_imp Θ Ξ)
2853    thus ?case
2854      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2855  next
2856    case (AOT_subst_𝗈_lambda0 Θ)
2857    thus ?case
2858      by (simp add: RN "rule-sub-lem:1:e")
2859  next
2860    case (AOT_subst_𝗈_act Θ)
2861    thus ?case
2862      by (simp add: RN "rule-sub-lem:1:f")
2863  next
2864    case (AOT_subst_𝗈_box Θ)
2865    thus ?case
2866      by (simp add: RN "rule-sub-lem:1:g")
2867  next
2868    case (AOT_subst_𝗈_by_def Θ Ξ)
2869    AOT_modally_strict {
2870      AOT_have Ξ{ψ}  Ξ{χ}
2871        using AOT_subst_𝗈_by_def by simp
2872      AOT_thus Θ{ψ}  Θ{χ}
2873        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2874              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2875        by (metis "≡E"(6) "oth-class-taut:3:a")
2876    }
2877  qed
2878qed
2879end
2880
2881instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2882begin
2883
2884definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2885  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2886                                                      (ψ (AOT_term_of_var α))
2887
2888inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2889  AOT_subst_fun_const[AOT_substI]:
2890    AOT_subst_fun (λφ. ψ)
2891  | AOT_subst_fun_id[AOT_substI]:
2892    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2893  | AOT_subst_fun_all[AOT_substI]:
2894    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2895     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2896  | AOT_subst_fun_not[AOT_substI]:
2897    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2898  | AOT_subst_fun_imp[AOT_substI]:
2899    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2900  | AOT_subst_fun_lambda0[AOT_substI]:
2901    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2902  | AOT_subst_fun_act[AOT_substI]:
2903    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2904  | AOT_subst_fun_box[AOT_substI]:
2905    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2906  | AOT_subst_fun_def[AOT_substI]:
2907    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2908     AOT_subst_fun Ψ  AOT_subst_fun Θ
2909
2910instance proof
2911  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2912  assume ‹AOT_subst φ
2913  moreover assume cond: ‹AOT_subst_cond ψ χ
2914  ultimately AOT_show  «φ ψ»  «φ χ»
2915  proof(induct)
2916    case (AOT_subst_fun_const ψ)
2917    then show ?case by (simp add: "oth-class-taut:3:a")
2918  next
2919  case (AOT_subst_fun_id Ψ x)
2920  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2921  next
2922  next
2923  case (AOT_subst_fun_all Ψ Θ)
2924  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2925    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2926  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2927    by (simp add: RN "rule-sub-lem:1:d"
2928                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2929  next
2930  case (AOT_subst_fun_not Ψ)
2931  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2932  next
2933  case (AOT_subst_fun_imp Ψ Θ)
2934  then show ?case 
2935    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2936    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2937  next
2938  case (AOT_subst_fun_lambda0 Θ)
2939  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2940  next
2941  case (AOT_subst_fun_act Θ)
2942  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2943  next
2944  case (AOT_subst_fun_box Θ)
2945  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2946  next
2947  case (AOT_subst_fun_def Θ Ψ)
2948  then show ?case
2949    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2950  qed
2951qed
2952end
2953
2954ML2955fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2956  fun findHeadConst (Const x) = SOME x
2957    | findHeadConst (A $ _) = findHeadConst A
2958    | findHeadConst _ = NONE
2959  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2960      = findHeadConst lhs
2961    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2962    | findDef (Abs (_,_,c)) = findDef c
2963    | findDef _ = NONE
2964  val const_opt = (findDef trm)
2965  val defs = case const_opt of SOME const => List.filter (fn thm => let
2966      val concl = Thm.concl_of thm
2967      val thmconst = (findDef concl)
2968      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2969      (AOT_Definitions.get ctxt)
2970      | _ => []
2971  val tac = case defs of
2972            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2973            | _ => resolve_tac ctxt defs 1
2974  in tac end) 1)
2975fun getSubstThm ctxt reversed phi p q = let
2976val p_ty = Term.type_of p
2977val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2978val abs = Syntax.check_term ctxt abs
2979val substThm = Goal.prove ctxt [] [] abs
2980  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2981val substThm = substThm RS @{thm AOT_subst}
2982fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
2983val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
2984fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
2985val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
2986in if reversed then let
2987  val substThm = Drule.instantiate_normalize
2988          (TVars_empty,Vars_make [((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2989          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2990  val substThm = substThm RS @{thm "≡E"(1)}
2991  in substThm end
2992else
2993  let
2994  val substThm = Drule.instantiate_normalize
2995          (TVars_empty,Vars_make [((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2996          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2997  val substThm = substThm RS @{thm "≡E"(2)}
2998  in substThm end end
2999
3000
3001method_setup AOT_subst = 3002Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3003Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
3004Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
3005Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
3006Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
3007>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
3008(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3009  prems = prems, asms = asms, concl = concl, schematics = _} =>
3010let
3011val thms = prems
3012val ctxt' = ctxt
3013val ctxt = Context_Position.set_visible false ctxt
3014val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
3015
3016val ctxt = (fold (fn (bound, ty) => fn ctxt =>
3017  let
3018    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
3019    val ty = Option.map (Syntax.read_typ ctxt) ty
3020    val ctxt = case ty of SOME ty => let
3021        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
3022        val bound = Syntax.check_term ctxt bound
3023      in Variable.declare_term bound ctxt end | _ => ctxt
3024  in ctxt end)) raw_bounds ctxt
3025
3026val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3027val p = Syntax.check_term ctxt p
3028val ctxt = Variable.declare_term p ctxt
3029val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3030val q = Syntax.check_term ctxt q
3031val ctxt = Variable.declare_term q ctxt
3032
3033val bounds = (map (fn (bound, _) =>
3034  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3035)) raw_bounds
3036val p = fold (fn bound => fn p =>
3037  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3038  bounds p
3039val p = Syntax.check_term ctxt p
3040val p_ty = Term.type_of p
3041
3042val pat = @{const Trueprop} $
3043  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3044   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3045val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3046val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
3047val phi = the (Envir.lookup univ
3048  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3049
3050val q = fold (fn bound => fn q =>
3051  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3052val q = Syntax.check_term ctxt q
3053
3054(* Reparse to report bounds as fixes. *)
3055val ctxt = Context_Position.restore_visible ctxt' ctxt
3056val ctxt' = ctxt
3057fun unsource str = fst (Input.source_content (Syntax.read_input str))
3058val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3059  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3060  ctxt'
3061val _ = (map (fn (x,_) =>
3062  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3063  raw_bounds
3064val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3065val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3066val reversed = case reversed of SOME _ => true | _ => false
3067val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3068in
3069resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3070THEN simp_tac (ctxt addsimps simpThms) 1
3071THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3072THEN (TRY (resolve_tac ctxt thms 1))
3073end
3074) ctxt 1))))
3075
3076
3077method_setup AOT_subst_def = 3078Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3079Attrib.thm
3080>> (fn (reversed,fact) => (fn ctxt =>
3081(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3082  prems = prems, asms = asms, concl = concl, schematics = _} =>
3083let
3084val c = Thm.concl_of fact
3085val (lhs, rhs) = case c of (const‹Trueprop› $
3086    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3087  | _ => raise Fail "Definition expected."
3088val substCond = HOLogic.mk_Trueprop
3089  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3090val substCond = Syntax.check_term
3091  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3092  substCond
3093val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3094  @{thm AOT_subst_cond_fun_def},
3095  fact RS @{thm "≡Df"}]
3096val substCondThm = Goal.prove ctxt [] [] substCond
3097  (fn {context=ctxt, prems=prems} =>
3098      (SUBGOAL (fn (trm,int) =>
3099        auto_tac (ctxt addsimps simpThms)) 1))
3100val substThm = substCondThm RSN (2,@{thm AOT_subst})
3101in
3102resolve_tac ctxt [substThm RS
3103  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3104THEN prove_AOT_subst_tac ctxt
3105THEN (TRY (resolve_tac ctxt prems 1))
3106end
3107) ctxt 1))))
3108
3109
3110method_setup AOT_subst_thm = 3111Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3112Attrib.thm
3113>> (fn (reversed,fact) => (fn ctxt =>
3114(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3115  prems = prems, asms = asms, concl = concl, schematics = _} =>
3116let
3117val c = Thm.concl_of fact
3118val (lhs, rhs) = case c of
3119  (const‹Trueprop› $
3120   (const‹AOT_model_valid_in› $ _ $
3121    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3122  | _ => raise Fail "Equivalence expected."
3123
3124val substCond = HOLogic.mk_Trueprop
3125  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3126val substCond = Syntax.check_term
3127  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3128  substCond
3129val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3130  @{thm AOT_subst_cond_fun_def},
3131  fact]
3132val substCondThm = Goal.prove ctxt [] [] substCond
3133  (fn {context=ctxt, prems=prems} =>
3134      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3135val substThm = substCondThm RSN (2,@{thm AOT_subst})
3136in
3137resolve_tac ctxt [substThm RS
3138  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3139THEN prove_AOT_subst_tac ctxt
3140THEN (TRY (resolve_tac ctxt prems 1))
3141end
3142) ctxt 1))))
3143
3144
3145AOT_theorem "rule-sub-remark:1[1]":
3146  assumes  A!x  ¬E!x and ¬A!x
3147  shows ¬¬E!x
3148  by (AOT_subst (reverse) ¬E!x A!x)
3149     (auto simp: assms) 
3150
3151AOT_theorem "rule-sub-remark:1[2]":
3152  assumes  A!x  ¬E!x and  ¬¬E!x
3153  shows ¬A!x
3154  by (AOT_subst A!x ¬E!x)
3155     (auto simp: assms)
3156
3157AOT_theorem "rule-sub-remark:2[1]":
3158  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3159      and p  [R]xy
3160  shows p  [R]xy & ([Q]a  ¬[Q]a)
3161  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3162
3163AOT_theorem "rule-sub-remark:2[2]":
3164  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3165      and p  [R]xy & ([Q]a  ¬[Q]a)
3166  shows p  [R]xy
3167  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3168
3169AOT_theorem "rule-sub-remark:3[1]":
3170  assumes for arbitrary x:  A!x  ¬E!x
3171      and x A!x
3172    shows x ¬E!x
3173  by (AOT_subst (reverse) ¬E!x A!x for: x)
3174     (auto simp: assms)
3175
3176AOT_theorem "rule-sub-remark:3[2]":
3177  assumes for arbitrary x:  A!x  ¬E!x
3178      and x ¬E!x
3179    shows x A!x
3180  by (AOT_subst A!x ¬E!x for: x)
3181     (auto simp: assms)
3182
3183AOT_theorem "rule-sub-remark:4[1]":
3184  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3185  shows 𝒜[P]x
3186  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3187
3188AOT_theorem "rule-sub-remark:4[2]":
3189  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3190  shows 𝒜¬¬[P]x
3191  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3192
3193AOT_theorem "rule-sub-remark:5[1]":
3194  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3195  shows (¬ψ  ¬φ)
3196  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3197
3198AOT_theorem "rule-sub-remark:5[2]":
3199  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3200  shows (φ  ψ) 
3201  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3202
3203AOT_theorem "rule-sub-remark:6[1]":
3204  assumes  ψ  χ and (φ  ψ)
3205  shows (φ  χ) 
3206  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3207
3208AOT_theorem "rule-sub-remark:6[2]":
3209  assumes  ψ  χ and (φ  χ)
3210  shows (φ  ψ)
3211  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3212
3213AOT_theorem "rule-sub-remark:7[1]":
3214  assumes  φ  ¬¬φ and (φ  φ)
3215  shows (¬¬φ  φ) 
3216  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3217
3218AOT_theorem "rule-sub-remark:7[2]":
3219  assumes  φ  ¬¬φ and (¬¬φ  φ)
3220  shows (φ  φ)
3221  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3222
3223AOT_theorem "KBasic2:1": ¬φ  ¬φ
3224  by (meson "conventions:5" "contraposition:2"
3225            "Hypothetical Syllogism" "df-rules-formulas[3]"
3226            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3227
3228AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3229proof -
3230  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3231    by (simp add: "RE◇" "oth-class-taut:5:b")
3232  also AOT_have   ¬(¬φ & ¬ψ)
3233    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3234  also AOT_have   ¬(¬φ & ¬ψ)
3235    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3236  also AOT_have   ¬(¬φ & ¬ψ)
3237    using "KBasic2:1"
3238    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3239        auto simp: "oth-class-taut:3:a")
3240  also AOT_have   ¬¬(φ  ψ)
3241    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3242  also AOT_have   φ  ψ
3243    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3244  finally show ?thesis .
3245qed
3246
3247AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3248  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3249            "→I" "modus-tollens:1" "reductio-aa:1")
3250
3251AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3252proof -
3253  AOT_have (φ  ψ)  (¬φ  ψ)
3254    by (AOT_subst φ  ψ ¬φ  ψ)
3255       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3256  also AOT_have ...  ¬φ  ψ
3257    by (simp add: "KBasic2:2")
3258  also AOT_have ...  ¬φ  ψ
3259    by (AOT_subst ¬φ ¬φ)
3260       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3261  also AOT_have ...  φ  ψ
3262    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3263  finally show ?thesis .
3264qed
3265
3266AOT_theorem "KBasic2:5": φ  ¬¬φ
3267  using "conventions:5"[THEN "≡Df"]
3268  by (AOT_subst φ ¬¬φ;
3269      AOT_subst ¬¬φ ¬¬¬¬φ;
3270      AOT_subst (reverse) ¬¬¬φ ¬φ)
3271     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3272
3273
3274AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3275proof(rule "→I"; rule "raa-cor:1")
3276  AOT_assume (φ  ψ)
3277  AOT_hence (¬φ  ψ)
3278    using "conventions:2"[THEN "≡Df"]
3279    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3280  AOT_hence 1: ¬φ  ψ
3281    using "KBasic:13" "vdash-properties:10" by blast
3282  AOT_assume ¬(φ  ψ)
3283  AOT_hence ¬φ and ¬ψ
3284    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3285  AOT_thus ψ & ¬ψ
3286    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3287qed
3288
3289AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3290proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3291  AOT_assume (φ  ψ)
3292  AOT_hence 1: φ  ψ
3293    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3294  AOT_assume ¬φ
3295  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3296  AOT_thus ψ using 1 "∨E"(2) by blast
3297qed
3298
3299AOT_theorem "T-S5-fund:1": φ  φ
3300  by (meson "≡dfI" "conventions:5" "contraposition:2"
3301            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3302lemmas "T◇" = "T-S5-fund:1"
3303
3304AOT_theorem "T-S5-fund:2": φ  φ
3305proof(rule "→I")
3306  AOT_assume φ
3307  AOT_hence ¬¬φ
3308    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3309  moreover AOT_have ¬φ  ¬φ
3310    by (fact "qml:3"[axiom_inst])
3311  ultimately AOT_have ¬¬φ
3312    using "modus-tollens:1" by blast
3313  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3314qed
3315lemmas "5◇" = "T-S5-fund:2"
3316
3317AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3318  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3319     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3320
3321AOT_theorem "Act-Sub:2": φ  𝒜φ
3322  using "conventions:5"[THEN "≡Df"]
3323  by (AOT_subst φ ¬¬φ)
3324     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3325            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3326
3327AOT_theorem "Act-Sub:3": 𝒜φ  φ
3328  using "conventions:5"[THEN "≡Df"]
3329  by (AOT_subst φ ¬¬φ)
3330     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3331
3332AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3333proof (rule "≡I"; rule "→I")
3334  AOT_assume 𝒜φ
3335  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3336next
3337  AOT_assume 𝒜φ
3338  AOT_hence ¬¬𝒜φ
3339    using "≡dfE" "conventions:5" by blast
3340  AOT_hence ¬𝒜¬φ
3341    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3342       (simp add: "logic-actual-nec:1"[axiom_inst])
3343  AOT_thus 𝒜φ
3344    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3345          "reductio-aa:1" by blast
3346qed
3347
3348AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3349  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3350
3351AOT_theorem "S5Basic:1": φ  φ
3352  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3353
3354AOT_theorem "S5Basic:2": φ  φ
3355  by (simp add: "T◇" "5◇" "≡I")
3356
3357AOT_theorem "S5Basic:3": φ  φ
3358  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3359lemmas "B" = "S5Basic:3"
3360
3361AOT_theorem "S5Basic:4": φ  φ
3362  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3363lemmas "B◇" = "S5Basic:4"
3364
3365AOT_theorem "S5Basic:5": φ  φ
3366  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3367lemmas "4" = "S5Basic:5"
3368
3369AOT_theorem "S5Basic:6": φ  φ
3370  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3371
3372AOT_theorem "S5Basic:7": φ  φ
3373  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3374  by (AOT_subst φ ¬¬φ;
3375      AOT_subst φ ¬¬φ;
3376      AOT_subst (reverse) ¬¬¬φ ¬φ;
3377      AOT_subst (reverse) ¬φ ¬φ)
3378     (auto simp: "S5Basic:6" "if-p-then-p")
3379
3380lemmas "4◇" = "S5Basic:7"
3381
3382AOT_theorem "S5Basic:8": φ  φ
3383  by (simp add: "4◇" "T◇" "≡I")
3384
3385AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3386  apply (rule "≡I"; rule "→I")
3387  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3388   apply blast
3389  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3390            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3391
3392AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3393(* Note: nicely this proof is entirely sledgehammer generated *)
3394proof(rule "≡I"; rule "→I")
3395  AOT_assume (φ  ψ)
3396  AOT_hence φ  ψ
3397    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3398  AOT_thus φ  ψ
3399    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3400next
3401  AOT_assume φ  ψ
3402  AOT_hence φ  ψ
3403    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3404  AOT_thus (φ  ψ)
3405    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3406qed
3407
3408AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3409proof -
3410  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3411    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3412       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3413  also AOT_have   ¬(¬φ  ¬ψ)
3414    by (AOT_subst ¬ψ ¬ψ)
3415       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3416  also AOT_have   ¬(¬φ  ¬ψ)
3417    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3418  also AOT_have   ¬(¬φ  ¬ψ)
3419    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3420  also AOT_have   ¬(¬φ  ¬ψ)
3421    using "KBasic2:1"
3422    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3423       (auto simp:  "oth-class-taut:3:a")
3424  also AOT_have   φ & ψ
3425    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3426  finally show ?thesis .
3427qed
3428
3429AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3430proof (rule "≡I"; rule "→I")
3431  AOT_assume (φ & ψ)
3432  AOT_hence φ & ψ
3433    using "KBasic2:3" "vdash-properties:6" by blast
3434  AOT_thus φ & ψ
3435    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3436next
3437  AOT_assume φ & ψ
3438  moreover AOT_have (ψ & φ)  (φ & ψ)
3439    by (AOT_subst φ & ψ ψ & φ)
3440       (auto simp: "Commutativity of &" "KBasic:16")
3441  ultimately AOT_show (φ & ψ)
3442    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3443qed
3444
3445AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3446proof (rule "≡I")
3447  AOT_modally_strict {
3448    AOT_have (φ  ψ)  (φ  ψ)
3449      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3450  }
3451  AOT_hence (φ  ψ)  (φ  ψ)
3452    by (rule RM)
3453  AOT_thus  (φ  ψ)  (φ  ψ)
3454    using "4" "Hypothetical Syllogism" by blast
3455next
3456  AOT_modally_strict {
3457    AOT_have (φ  ψ)  (φ  ψ)
3458      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3459  }
3460  AOT_hence  (φ  ψ)  (φ  ψ)
3461    by (rule RM)
3462  AOT_thus (φ  ψ)  (φ  ψ)
3463    using "4" "Hypothetical Syllogism" by blast
3464qed
3465
3466AOT_theorem "derived-S5-rules:1":
3467  assumes Γ  φ  ψ
3468  shows Γ  φ  ψ
3469proof -
3470  AOT_have Γ  φ  ψ
3471    using assms by (rule "RM:1[prem]")
3472  AOT_thus Γ  φ  ψ
3473    using "B" "Hypothetical Syllogism" by blast
3474qed
3475
3476AOT_theorem "derived-S5-rules:2":
3477  assumes Γ  φ  ψ
3478  shows Γ  φ  ψ
3479proof -
3480  AOT_have Γ  φ  ψ
3481    using assms by (rule "RM:2[prem]")
3482  AOT_thus Γ  φ  ψ
3483    using "B◇" "Hypothetical Syllogism" by blast
3484qed
3485
3486AOT_theorem "BFs:1": α φ{α}  α φ{α}
3487proof -
3488  AOT_modally_strict {
3489    AOT_have α φ{α}  φ{α} for α
3490      using "cqt-orig:3" by (rule "RM◇")
3491    AOT_hence α φ{α}  α φ{α}
3492      using "B◇" "∀I" "→E" "→I" by metis
3493  }
3494  thus ?thesis
3495    using "derived-S5-rules:1" by blast
3496qed
3497lemmas "BF" = "BFs:1"
3498
3499AOT_theorem "BFs:2": α φ{α}  α φ{α}
3500proof -
3501  AOT_have α φ{α}  φ{α} for α
3502    using RM "cqt-orig:3" by metis
3503  thus ?thesis
3504    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3505qed
3506lemmas "CBF" = "BFs:2"
3507
3508AOT_theorem "BFs:3": α φ{α}  α φ{α}
3509proof(rule "→I")
3510  AOT_modally_strict {
3511    AOT_have α ¬φ{α}  α ¬φ{α}
3512      using BF CBF "≡I" by blast
3513  } note θ = this
3514
3515  AOT_assume α φ{α}
3516  AOT_hence ¬¬(α φ{α})
3517    using "≡dfE" "conventions:5" by blast
3518  AOT_hence ¬α ¬φ{α}
3519    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3520    using "≡dfI" "conventions:3" "conventions:4" "&I"
3521          "contraposition:2" "cqt-further:4"
3522          "df-rules-formulas[3]" by blast
3523  AOT_hence ¬α ¬φ{α}
3524    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3525    using θ by blast
3526  AOT_hence ¬α ¬¬¬φ{α}
3527    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3528       (simp add: "oth-class-taut:3:b")
3529  AOT_hence α ¬¬φ{α}
3530    by (rule "conventions:4"[THEN "≡dfI"])
3531  AOT_thus α φ{α}
3532    using "conventions:5"[THEN "≡Df"]
3533    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3534qed
3535lemmas "BF◇" = "BFs:3"
3536
3537AOT_theorem "BFs:4": α φ{α}  α φ{α}
3538proof(rule "→I")
3539  AOT_assume α φ{α}
3540  AOT_hence ¬α ¬φ{α}
3541    using "conventions:4"[THEN "≡dfE"] by blast
3542  AOT_hence ¬α ¬φ{α}
3543    using "KBasic2:1"
3544    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3545  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3546    using "≡I" "BF" "CBF" by metis
3547  ultimately AOT_have 1: ¬α ¬φ{α}
3548    using "≡E"(3) by blast
3549  AOT_show α φ{α}
3550    apply (rule "conventions:5"[THEN "≡dfI"])
3551    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3552     apply (simp add: "conventions:4" "≡Df")
3553    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3554    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3555qed
3556lemmas "CBF◇" = "BFs:4"
3557
3558AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3559proof(rule "→I")
3560  AOT_assume α φ{α}
3561  then AOT_obtain α where φ{α} using "∃E" by metis
3562  moreover AOT_have α
3563    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3564  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3565  proof -
3566    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3567    AOT_thus φ{τ}, τ  α φ{α}
3568      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3569  qed
3570  ultimately AOT_show α φ{α} by blast
3571qed
3572lemmas Buridan = "sign-S5-thm:1"
3573
3574AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3575proof -
3576  AOT_have α (α φ{α}  φ{α})
3577    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3578  AOT_thus α φ{α}  α φ{α}
3579    using "∀E"(4) "∀I" "→E" "→I" by metis
3580qed
3581lemmas "Buridan◇" = "sign-S5-thm:2"
3582
3583AOT_theorem "sign-S5-thm:3":
3584  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3585  apply (rule "RM:2")
3586  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3587
3588AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3589  apply (rule "RM:2")
3590  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3591
3592AOT_theorem "sign-S5-thm:5":
3593  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3594proof -
3595  {
3596    fix φ' ψ' χ'
3597    AOT_assume  φ' & ψ'  χ'
3598    AOT_hence φ' & ψ'  χ'
3599      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3600      using "&E" "&I" "→E" "→I" by metis
3601  } note R = this
3602  show ?thesis by (rule R; fact AOT)
3603qed
3604
3605AOT_theorem "sign-S5-thm:6":
3606  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3607proof -
3608  {
3609    fix φ' ψ' χ'
3610    AOT_assume  φ' & ψ'  χ'
3611    AOT_hence φ' & ψ'  χ'
3612      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3613      using "&E" "&I" "→E" "→I" by metis
3614  } note R = this
3615  show ?thesis by (rule R; fact AOT)
3616qed
3617
3618AOT_theorem "exist-nec2:1": τ  τ
3619  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3620
3621AOT_theorem "exists-nec2:2": τ  τ
3622  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3623            "exist-nec2:1" "≡I" "nec-imp-act")
3624
3625AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3626  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3627
3628AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3629  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3630            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3631
3632AOT_theorem "id-nec2:1": α = β  α = β
3633  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3634
3635AOT_theorem "id-nec2:2": α  β  α  β
3636  apply (AOT_subst α  β ¬(α = β))
3637  using "=-infix"[THEN "≡Df"] apply blast
3638  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3639
3640AOT_theorem "id-nec2:3": α  β  α  β
3641  apply (AOT_subst α  β ¬(α = β))
3642  using "=-infix"[THEN "≡Df"] apply blast
3643  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3644
3645AOT_theorem "id-nec2:4": α = β  α = β
3646  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3647
3648AOT_theorem "id-nec2:5": α  β  α  β
3649  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3650
3651AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3652  apply (rule "≡I"; rule "→I")
3653  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3654  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3655            "raa-cor:5" "→E")
3656
3657AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3658  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3659            "nec-imp-act" "raa-cor:2" "→E")
3660
3661AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3662proof (rule "→I"; rule "≡I"; rule "→I")
3663  AOT_assume (φ  φ)
3664  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3665  moreover AOT_assume ¬φ
3666  ultimately AOT_have ¬φ
3667    using "modus-tollens:1" by blast
3668  AOT_thus ¬φ
3669    using "KBasic2:1" "≡E"(2) by blast
3670next
3671  AOT_assume (φ  φ)
3672  moreover AOT_assume ¬φ
3673  ultimately AOT_show ¬φ
3674    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3675qed
3676
3677AOT_theorem "sc-eq-box-box:4":
3678  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3679proof(rule "→I"; rule "→I")
3680  AOT_assume θ: (φ  φ) & (ψ  ψ)
3681  AOT_assume ξ: φ  ψ
3682  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3683    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3684  moreover {
3685    AOT_assume φ & ψ
3686    AOT_hence (φ  ψ)
3687      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3688  }
3689  moreover {
3690    AOT_assume ¬φ & ¬ψ
3691    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3692      using θ "Conjunction Simplification"(1,2)
3693            "sc-eq-box-box:3" "→E" by metis+
3694    ultimately AOT_have ¬φ & ¬ψ
3695      by (metis "&I" "Conjunction Simplification"(1,2)
3696                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3697    AOT_hence (φ  ψ)
3698      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3699  }
3700  ultimately AOT_show (φ  ψ)
3701    using "∨E"(2) "reductio-aa:1" by blast
3702qed
3703
3704AOT_theorem "sc-eq-box-box:5":
3705  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3706proof (rule "→I")
3707  AOT_assume ((φ  φ) & (ψ  ψ))
3708  AOT_hence ((φ  φ) & (ψ  ψ))
3709    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3710  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3711  proof (rule RM; rule "→I"; rule "→I")
3712    AOT_modally_strict {
3713      AOT_assume A: ((φ  φ) & (ψ  ψ))
3714      AOT_hence φ  φ and ψ  ψ
3715        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3716      moreover AOT_assume φ  ψ
3717      ultimately AOT_have φ  ψ
3718        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3719      moreover AOT_have (φ  ψ)  (φ  ψ)
3720        using A "sc-eq-box-box:4" "→E" by blast
3721      ultimately AOT_show (φ  ψ) using "→E" by blast
3722    }
3723  qed
3724  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3725qed
3726
3727AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3728proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3729  AOT_assume ¬(φ  ψ)
3730  AOT_hence ¬(φ  ψ)
3731    by (metis "KBasic:11" "≡E"(1))
3732  AOT_hence (φ & ¬ψ)
3733    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3734       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3735  AOT_hence φ and 2: ¬ψ
3736    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3737  moreover AOT_assume (φ  φ)
3738  ultimately AOT_have φ
3739    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3740  AOT_hence φ
3741    using "qml:2"[axiom_inst, THEN "→E"] by blast
3742  moreover AOT_assume φ  ψ
3743  ultimately AOT_have ψ
3744    using "→E" by blast
3745  moreover AOT_have ¬ψ
3746    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3747  ultimately AOT_show ψ & ¬ψ
3748    using "&I" by blast
3749qed
3750
3751AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3752proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3753  AOT_assume ¬𝒜(φ  ψ)
3754  AOT_hence 𝒜¬(φ  ψ)
3755    by (metis "Act-Basic:1" "∨E"(2))
3756  AOT_hence 𝒜(φ & ¬ψ)
3757    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3758       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3759  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3760    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3761  AOT_hence φ
3762    by (metis "Act-Sub:3" "→E")
3763  moreover AOT_assume (φ  φ)
3764  ultimately AOT_have φ
3765    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3766  AOT_hence φ
3767    using "qml:2"[axiom_inst, THEN "→E"] by blast
3768  moreover AOT_assume φ  𝒜ψ
3769  ultimately AOT_have 𝒜ψ
3770    using "→E" by blast
3771  moreover AOT_have ¬𝒜ψ
3772    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3773  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3774    using "&I" by blast
3775qed
3776
3777AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3778  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3779
3780AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3781  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3782            "→I" "≡I" "nec-imp-act")
3783
3784AOT_theorem "sc-eq-fur:3":
3785  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3786proof (rule "→I"; rule "→I")
3787  AOT_assume x (φ{x}  φ{x})
3788  AOT_hence A: x (φ{x}  φ{x})
3789    using CBF "→E" by blast
3790  AOT_assume ∃!x φ{x}
3791  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3792    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3793  moreover AOT_have φ{a}
3794    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3795  AOT_hence 𝒜φ{a}
3796    using "nec-imp-act" "→E" by blast
3797  moreover AOT_have y (𝒜φ{y}  y = a)
3798  proof (rule "∀I"; rule "→I")
3799    fix b
3800    AOT_assume 𝒜φ{b}
3801    AOT_hence φ{b}
3802      using "Act-Sub:3" "→E" by blast
3803    moreover {
3804      AOT_have (φ{b}  φ{b})
3805        using A "∀E"(2) by blast
3806      AOT_hence φ{b}  φ{b}
3807        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3808    }
3809    ultimately AOT_have φ{b}
3810      using "→E" by blast
3811    AOT_hence φ{b}
3812      using "qml:2"[axiom_inst] "→E" by blast
3813    AOT_thus b = a
3814      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3815  qed
3816  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3817    using "&I" by blast
3818  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3819    using "∃I" by fast
3820  AOT_hence ∃!x 𝒜φ{x}
3821    using "uniqueness:1"[THEN "≡dfI"] by fast
3822  AOT_thus ιx φ{x}
3823    using "actual-desc:1"[THEN "≡E"(2)] by blast
3824qed
3825
3826AOT_theorem "sc-eq-fur:4":
3827x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3828proof (rule "→I")
3829  AOT_assume x (φ{x}  φ{x})
3830  AOT_hence x (φ{x}  φ{x})
3831    using CBF "→E" by blast
3832  AOT_hence A: 𝒜φ{α}  φ{α} for α
3833    using "sc-eq-fur:2" "∀E" "→E" by fast
3834  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3835  proof (rule "≡I"; rule "→I")
3836    AOT_assume x = ιx φ{x}
3837    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3838      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3839    AOT_show φ{x} & z (φ{z}  z = x)
3840    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3841      AOT_show φ{x}
3842        using A B[THEN "&E"(1)] "≡E"(1) by blast
3843    next
3844      AOT_show z = x if φ{z} for z
3845        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3846    qed
3847  next
3848    AOT_assume B: φ{x} & z (φ{z}  z = x)
3849    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3850    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3851      AOT_show 𝒜φ{x}
3852        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3853    next
3854      AOT_show b = x if 𝒜φ{b} for b
3855        using A[THEN "≡E"(1)] that
3856              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3857    qed
3858    AOT_thus x = ιx φ{x}
3859      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3860  qed
3861qed
3862
3863AOT_theorem "id-act:1": α = β  𝒜α = β
3864  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3865            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3866
3867AOT_theorem "id-act:2": α  β  𝒜α  β
3868proof (AOT_subst α  β ¬(α = β))
3869  AOT_modally_strict {
3870    AOT_show α  β  ¬(α = β)
3871      by (simp add: "=-infix" "≡Df")
3872  }
3873next
3874  AOT_show ¬(α = β)  𝒜¬(α = β)
3875  proof (safe intro!: "≡I" "→I")
3876    AOT_assume ¬α = β
3877    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3878    AOT_thus 𝒜¬α = β
3879      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3880  next
3881    AOT_assume 𝒜¬α = β
3882    AOT_hence ¬𝒜α = β
3883      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3884    AOT_thus ¬α = β
3885      using "id-act:1" "≡E"(4) by blast
3886  qed
3887qed
3888
3889AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3890proof -
3891  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3892    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3893       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3894  also AOT_have   α 𝒜β (φ{β}  β = α)
3895    by (simp add: "Act-Basic:10")
3896  also AOT_have   αβ 𝒜(φ{β}  β = α)
3897    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3898       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3899  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3900    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3901                            𝒜(φ{β}  β = α) for: α β :: 'a)
3902       (auto simp: "Act-Basic:5" "cqt-further:7")
3903  also AOT_have   αβ (𝒜φ{β}  β = α)
3904    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3905       (auto simp: "id-act:1" "cqt-further:7")
3906  also AOT_have ...  ∃!α 𝒜φ{α}
3907    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3908  finally show ?thesis.
3909qed
3910
3911AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3912  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3913     (auto simp: "actual-desc:1" "A-Exists:1")
3914
3915AOT_theorem "id-act-desc:1": ιx (x = y)
3916proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3917  AOT_show x E!x  E!x]ιx (x = y)
3918  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3919         rule "∃I"; (rule "&I")+)
3920    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3921  next
3922    AOT_show z (𝒜z = y  z = y)
3923      apply (rule "∀I")
3924      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3925  next
3926    AOT_show x E!x  E!x]y
3927    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3928      AOT_show x E!x  E!x]
3929        by "cqt:2[lambda]"
3930    next
3931      AOT_show E!y  E!y 
3932        by (simp add: "if-p-then-p")
3933    qed
3934  qed
3935next
3936  AOT_show x E!x  E!x]
3937    by "cqt:2[lambda]"
3938qed
3939
3940AOT_theorem "id-act-desc:2": y = ιx (x = y)
3941  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3942      rule "∀I"; rule "id-act:1"[symmetric])
3943
3944AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3945  by (simp add: encoding "vdash-properties:1[2]")
3946
3947AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3948proof (rule "→I")
3949  AOT_assume x1x2[F]
3950  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3951    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3952  moreover AOT_have y [F]yx2] by "cqt:2"
3953  moreover AOT_have y [F]x1y] by "cqt:2"
3954  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3955    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3956  note A = this
3957  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3958    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3959  AOT_thus x1x2[F]
3960    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3961                                THEN "KBasic:6"[THEN "→E"],
3962                                THEN "≡E"(2)])
3963qed
3964
3965AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3966proof (rule "→I")
3967  AOT_assume x1x2x3[F]
3968  AOT_hence x1y [F]yx2x3]
3969        and x2y [F]x1yx3]
3970        and x3y [F]x1x2y]
3971    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3972  moreover AOT_have y [F]yx2x3] by "cqt:2"
3973  moreover AOT_have y [F]x1yx3] by "cqt:2"
3974  moreover AOT_have y [F]x1x2y] by "cqt:2"
3975  ultimately AOT_have x1y [F]yx2x3]
3976                  and x2y [F]x1yx3]
3977                  and x3y [F]x1x2y]
3978    using encoding[axiom_inst, unvarify F] "→E" by blast+
3979  note A = this
3980  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3981    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3982  AOT_thus x1x2x3[F]
3983    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3984                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3985qed
3986
3987AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3988proof (rule "→I")
3989  AOT_assume x1x2x3x4[F]
3990  AOT_hence x1y [F]yx2x3x4]
3991        and x2y [F]x1yx3x4]
3992        and x3y [F]x1x2yx4]
3993        and x4y [F]x1x2x3y]
3994    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3995  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3996  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3997  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3998  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3999  ultimately AOT_have x1y [F]yx2x3x4]
4000                  and x2y [F]x1yx3x4]
4001                  and x3y [F]x1x2yx4]
4002                  and x4y [F]x1x2x3y]
4003    using "→E" encoding[axiom_inst, unvarify F] by blast+
4004  note A = this
4005  AOT_have B: (x1y [F]yx2x3x4] &
4006                  x2y [F]x1yx3x4] &
4007                  x3y [F]x1x2yx4] &
4008                  x4y [F]x1x2x3y])
4009    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
4010  AOT_thus x1x2x3x4[F]
4011    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
4012              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
4013qed
4014
4015AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
4016proof (rule "→I"; rule "raa-cor:1")
4017  AOT_assume ¬¬x1[F]
4018  AOT_hence x1[F]
4019    by (rule "conventions:5"[THEN "≡dfI"])
4020  AOT_hence x1[F]
4021    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
4022              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4023  moreover AOT_assume ¬x1[F]
4024  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
4025qed
4026AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4027proof (rule "→I"; rule "raa-cor:1")
4028  AOT_assume ¬¬x1x2[F]
4029  AOT_hence x1x2[F]
4030    by (rule "conventions:5"[THEN "≡dfI"])
4031  AOT_hence x1x2[F]
4032    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4033              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4034  moreover AOT_assume ¬x1x2[F]
4035  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4036qed
4037
4038AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4039proof (rule "→I"; rule "raa-cor:1")
4040  AOT_assume ¬¬x1x2x3[F]
4041  AOT_hence x1x2x3[F]
4042    by (rule "conventions:5"[THEN "≡dfI"])
4043  AOT_hence x1x2x3[F]
4044    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4045              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4046  moreover AOT_assume ¬x1x2x3[F]
4047  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4048qed
4049
4050AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4051proof (rule "→I"; rule "raa-cor:1")
4052  AOT_assume ¬¬x1x2x3x4[F]
4053  AOT_hence x1x2x3x4[F]
4054    by (rule "conventions:5"[THEN "≡dfI"])
4055  AOT_hence x1x2x3x4[F]
4056    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4057                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4058  moreover AOT_assume ¬x1x2x3x4[F]
4059  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4060qed
4061
4062AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4063  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4064AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4065  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4066AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4067  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4068AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4069  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4070
4071AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4072  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4073AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4074  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4075AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4076  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4077AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4078  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4079
4080AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4081  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4082AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4083  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4084AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4085  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4086AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4087  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4088
4089AOT_theorem "en-eq:4[1]":
4090  (x1[F]  y1[G])  (x1[F]  y1[G])
4091  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4092  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4093AOT_theorem "en-eq:4[2]":
4094  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4095  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4096  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4097AOT_theorem "en-eq:4[3]":
4098  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4099  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4100  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4101AOT_theorem "en-eq:4[4]":
4102  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4103  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4104  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4105
4106AOT_theorem "en-eq:5[1]":
4107  (x1[F]  y1[G])  (x1[F]  y1[G])
4108  apply (rule "≡I"; rule "→I")
4109  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4110   apply blast
4111  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4112        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4113  by blast
4114AOT_theorem "en-eq:5[2]":
4115  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4116  apply (rule "≡I"; rule "→I")
4117  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4118   apply blast
4119  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4120        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4121  by blast
4122AOT_theorem "en-eq:5[3]":
4123  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4124  apply (rule "≡I"; rule "→I")
4125  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4126   apply blast
4127  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4128        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4129  by blast
4130AOT_theorem "en-eq:5[4]":
4131  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4132  apply (rule "≡I"; rule "→I")
4133  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4134   apply blast
4135  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4136        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4137  by blast
4138
4139AOT_theorem "en-eq:6[1]":
4140  (x1[F]  y1[G])  (x1[F]  y1[G])
4141  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4142AOT_theorem "en-eq:6[2]":
4143  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4144  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4145AOT_theorem "en-eq:6[3]":
4146  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4147  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4148AOT_theorem "en-eq:6[4]":
4149  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4150  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4151
4152AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4153  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4154AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4155  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4156AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4157  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4158AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4159  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4160
4161AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4162  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4163        "KBasic:11" "≡E"(5)[symmetric] by blast
4164AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4165  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4166        "KBasic:11" "≡E"(5)[symmetric] by blast
4167AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4168  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4169        "KBasic:11" "≡E"(5)[symmetric] by blast
4170AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4171  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4172        "KBasic:11" "≡E"(5)[symmetric] by blast
4173
4174AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4175  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4176AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4177  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4178AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4179  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4180AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4181  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4182
4183AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4184  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4185            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4186AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4187  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4188            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4189AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4190  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4191            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4192AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4193  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4194            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4195
4196AOT_theorem "oa-facts:1": O!x  O!x
4197proof(rule "→I")
4198  AOT_modally_strict {
4199    AOT_have x E!x]x  E!x
4200      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4201  } note θ = this
4202  AOT_assume O!x
4203  AOT_hence x E!x]x
4204    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4205  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4206  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4207  AOT_hence x E!x]x
4208    by (AOT_subst x E!x]x E!x)
4209       (auto simp: θ)
4210  AOT_thus O!x
4211    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4212qed
4213
4214AOT_theorem "oa-facts:2": A!x  A!x
4215proof(rule "→I")
4216  AOT_modally_strict {
4217    AOT_have x ¬E!x]x  ¬E!x
4218      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4219  } note θ = this
4220  AOT_assume A!x
4221  AOT_hence x ¬E!x]x
4222    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4223  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4224  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4225  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4226  AOT_hence ¬E!x
4227    using "KBasic2:1"
4228    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4229  AOT_hence x ¬E!x]x
4230    by (AOT_subst x ¬E!x]x ¬E!x)
4231       (auto simp: θ)
4232  AOT_thus A!x
4233    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4234qed
4235
4236AOT_theorem "oa-facts:3": O!x  O!x
4237  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4238AOT_theorem "oa-facts:4": A!x  A!x
4239  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4240
4241AOT_theorem "oa-facts:5": O!x  O!x
4242  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4243            "oa-facts:1" "oa-facts:3")
4244
4245AOT_theorem "oa-facts:6": A!x  A!x
4246  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4247            "oa-facts:2" "oa-facts:4")
4248
4249AOT_theorem "oa-facts:7": O!x  𝒜O!x
4250  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4251            "oa-facts:1" "oa-facts:3")
4252
4253AOT_theorem "oa-facts:8": A!x  𝒜A!x
4254  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4255            "oa-facts:2" "oa-facts:4")
4256
4257subsection‹The Theory of Relations›
4258text‹\label{PLM: 9.10}›
4259
4260AOT_theorem "beta-C-meta":
4261  μ1...μn φ{μ1...μn, ν1...νn}] 
4262   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4263  using "lambda-predicates:2"[axiom_inst] by blast
4264
4265AOT_theorem "beta-C-cor:1":
4266  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4267   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4268  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4269  using "beta-C-meta" "∀I" by fast
4270
4271AOT_theorem "beta-C-cor:2":
4272  μ1...μn φ{μ1...μn}] 
4273   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4274  apply (rule "→I"; rule "∀I")
4275  using "beta-C-meta"[THEN "→E"] by fast
4276
4277(* TODO: syntax *)
4278theorem "beta-C-cor:3":
4279  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4280  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4281                         φ{ν1...νn, ν1...νn})]
4282  using "cqt:2[lambda]"[axiom_inst, OF assms]
4283        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4284
4285AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4286proof -
4287  AOT_modally_strict {
4288    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4289    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4290      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4291    ultimately AOT_show φ{κ1...κn}
4292      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4293  }
4294qed
4295
4296AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4297  using "betaC:1:a" "raa-cor:3" by blast
4298
4299lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4300
4301AOT_theorem "betaC:2:a":
4302  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4303   μ1...μn φ{μ1...μn}]κ1...κn
4304proof -
4305  AOT_modally_strict {
4306    AOT_assume 1: μ1...μn φ{μ1...μn}]
4307           and 2: κ1...κn
4308           and 3: φ{κ1...κn}
4309    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4310      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4311      by blast
4312  }
4313  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4314            μ1...μn φ{μ1...μn}]κ1...κn
4315    by blast
4316qed
4317
4318AOT_theorem "betaC:2:b":
4319  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4320   ¬φ{κ1...κn}
4321  using "betaC:2:a" "raa-cor:3" by blast
4322
4323lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4324
4325AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4326  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4327
4328(* Note: generalized alphabetic variant of the last theorem *)
4329AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4330  using "eta-conversion-lemma1:1".
4331
4332text‹Note: not explicitly part of PLM.›
4333AOT_theorem id_sym:
4334  assumes τ = τ'
4335  shows τ' = τ
4336  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4337        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4338declare id_sym[sym]
4339
4340text‹Note: not explicitly part of PLM.›
4341AOT_theorem id_trans:
4342  assumes τ = τ' and τ' = τ''
4343  shows τ = τ''
4344  using "rule=E" assms by blast
4345declare id_trans[trans]
4346
4347method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4348  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4349   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4350    [THEN "→E", of v "«[Π]»", symmetric]])
4351(*
4352AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4353  apply ("ηC" "«[P]»") defer
4354   apply ("ηC" "«[S]»") defer
4355  oops
4356*)
4357(* TODO: proper representation of eta_conversion_lemma2 *)
4358
4359AOT_theorem "sub-des-lam:1":
4360  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4361   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4362proof(rule "→I")
4363  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4364  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4365    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4366                                   z1...zn χ{z1...zn, τ}]»",
4367               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4368    by blast
4369qed
4370
4371AOT_theorem "sub-des-lam:2":
4372  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4373  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4374                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4375
4376AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4377proof(rule "≡I"; rule "→I")
4378  AOT_assume F = G
4379  AOT_thus x (x[F]  x[G])
4380    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4381next
4382  AOT_assume x (x[F]  x[G])
4383  AOT_hence x[F]  x[G] for x
4384    using "∀E" by blast
4385  AOT_hence (x[F]  x[G]) for x
4386    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4387  AOT_hence x (x[F]  x[G])
4388    by (rule GEN)
4389  AOT_hence x (x[F]  x[G])
4390    using BF[THEN "→E"] by fast
4391  AOT_thus "F = G"
4392    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4393qed
4394
4395AOT_theorem "relations:1":
4396  assumes INSTANCE_OF_CQT_2(φ)
4397  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4398  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4399  using "cqt:2[lambda]"[OF assms, axiom_inst]
4400        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4401
4402AOT_theorem "relations:2":
4403  assumes INSTANCE_OF_CQT_2(φ)
4404  shows F x ([F]x  φ{x})
4405  using "relations:1" assms by blast
4406
4407AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4408proof(rule RAA(2))
4409  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
4410  AOT_assume A: x « x»]
4411  AOT_have x (A!x & F (x[F]  F = x « x»]))
4412    using "A-objects"[axiom_inst] by fast
4413  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
4414    using "∃E"[rotated] by blast
4415  AOT_show ¬x G (x[G] & ¬[G]x)]
4416  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4417    AOT_assume B: x « x»]a
4418    AOT_hence G (a[G] & ¬[G]a)
4419      using "β→C" A by blast
4420    then AOT_obtain P where a[P] & ¬[P]a
4421      using "∃E"[rotated] by blast
4422    moreover AOT_have P = x « x»]
4423      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4424            calculation[THEN "&E"(1)] by blast
4425    ultimately AOT_have ¬x « x»]a
4426      using "rule=E" "&E"(2) by fast
4427    AOT_thus ¬x G (x[G] & ¬[G]x)]
4428      using B RAA by blast
4429  next
4430    AOT_assume B: ¬x « x»]a
4431    AOT_hence ¬G (a[G] & ¬[G]a)
4432      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4433    AOT_hence C: G ¬(a[G] & ¬[G]a)
4434      using "cqt-further:4"[THEN "→E"] by blast
4435    AOT_have G (a[G]  [G]a)
4436      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4437         (auto simp: "oth-class-taut:1:a" C)
4438    AOT_hence ax « x»]  x « x»]a
4439      using "∀E" A by blast
4440    moreover AOT_have ax « x»]
4441      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4442      using "=I"(1)[OF A] by blast
4443    ultimately AOT_show ¬x G (x[G] & ¬[G]x)]
4444      using B "→E" RAA by blast
4445  qed
4446qed(simp)
4447
4448AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4449proof(rule RAA(2))
4450  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4451  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4452    using "∃E"[rotated] by blast
4453  AOT_have x (A!x & G (x[G]  G = F))
4454    using "A-objects"[axiom_inst] by fast
4455  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4456    using "∃E"[rotated] by blast
4457  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4458  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4459    AOT_assume B: [F]a
4460    AOT_hence G (a[G] & ¬[G]a)
4461      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4462    then AOT_obtain P where a[P] & ¬[P]a
4463      using "∃E"[rotated] by blast
4464    moreover AOT_have P = F
4465      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4466            calculation[THEN "&E"(1)] by blast
4467    ultimately AOT_have ¬[F]a
4468      using "rule=E" "&E"(2) by fast
4469    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4470      using B RAA by blast
4471  next
4472    AOT_assume B: ¬[F]a
4473    AOT_hence ¬G (a[G] & ¬[G]a)
4474      using "oth-class-taut:4:b"[THEN "≡E"(1),
4475              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4476      by simp
4477    AOT_hence C: G ¬(a[G] & ¬[G]a)
4478      using "cqt-further:4"[THEN "→E"] by blast
4479    AOT_have G (a[G]  [G]a)
4480      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4481         (auto simp: "oth-class-taut:1:a" C)
4482    AOT_hence a[F]  [F]a
4483      using "∀E" by blast
4484    moreover AOT_have a[F]
4485      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4486      using "=I"(2) by blast
4487    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4488      using B "→E" RAA by blast
4489  qed
4490qed(simp)
4491
4492AOT_theorem "block-paradox:3": ¬y z z = y]
4493proof(rule RAA(2))
4494  AOT_assume θ: y z z = y]
4495  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4496    using "A-objects"[axiom_inst] by force
4497  then AOT_obtain a where
4498    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4499    using "∃E"[rotated] by blast
4500  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4501    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4502  AOT_show ¬y z z = y]
4503  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4504    AOT_assume A: az z = a]
4505    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4506      using ζ[THEN "≡E"(1)] by blast
4507    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4508      using "∃E"[rotated] by blast
4509    moreover AOT_have a = a by (rule "=I")
4510    moreover AOT_have z z = a] using θ "∀E" by blast
4511    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4512    ultimately AOT_have z z = a]a using "β←C" by blast
4513    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4514    AOT_hence a = b using "β→C" by blast
4515    AOT_hence bz z = a] using A "rule=E" by fast
4516    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4517  next
4518    AOT_assume A: ¬az z = a]
4519    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4520      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4521    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4522      using "cqt-further:4"[THEN "→E"] by blast
4523    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4524      using "∀E" by blast
4525    AOT_hence z z = a] = z z = a]  az z = a]
4526      by (metis "&I" "deduction-theorem" "raa-cor:4")
4527    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4528    AOT_thus ¬y z z = y] using A RAA by blast
4529  qed
4530qed(simp)
4531
4532AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4533proof(rule RAA(2))
4534  AOT_assume θ: y F x([F]x  x = y)
4535  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4536    using "A-objects"[axiom_inst] by force
4537  then AOT_obtain a where
4538    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4539    using "∃E"[rotated] by blast
4540  AOT_obtain F where F_prop: x ([F]x  x = a)
4541    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4542  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4543    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4544  AOT_show ¬y F x([F]x  x = y)
4545  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4546    AOT_assume A: a[F]
4547    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4548      using ζ[THEN "≡E"(1)] by blast
4549    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4550      using "∃E"[rotated] by blast
4551    moreover AOT_have [F]a
4552      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4553    ultimately AOT_have a = b
4554      using "∀E"(2) "≡E"(1) "&E" by fast
4555    AOT_hence a = b
4556      using "β→C" by blast
4557    AOT_hence b[F]
4558      using A "rule=E" by fast
4559    AOT_thus ¬y F x([F]x  x = y)
4560      using b_prop[THEN "&E"(2)] RAA by blast
4561  next
4562    AOT_assume A: ¬a[F]
4563    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4564      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4565    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4566      using "cqt-further:4"[THEN "→E"] by blast
4567    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4568      using "∀E" by blast
4569    AOT_hence y ([F]y  y = a)  a[F]
4570      by (metis "&I" "deduction-theorem" "raa-cor:4")
4571    AOT_hence a[F] using F_prop "→E" by blast
4572    AOT_thus ¬y F x([F]x  x = y)
4573      using A RAA by blast
4574  qed
4575qed(simp)
4576
4577AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4578proof(rule "raa-cor:2")
4579  AOT_assume Fxy([F]xy  y = x)
4580  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4581    using "∃E"[rotated] by blast
4582  {
4583    fix x
4584    AOT_have 1: y([F]xy  y = x)
4585      using F_prop "∀E" by blast
4586    AOT_have 2: z [F]xz] by "cqt:2"
4587    moreover AOT_have y(z [F]xz]y  y = x)
4588    proof(rule "∀I")
4589      fix y
4590      AOT_have z [F]xz]y  [F]xy
4591        using "beta-C-meta"[THEN "→E"] 2 by fast
4592      also AOT_have ...  y = x
4593        using 1 "∀E" by fast
4594      finally AOT_show z [F]xz]y  y = x.
4595    qed
4596    ultimately AOT_have Fy([F]y  y = x)
4597      using "∃I" by fast
4598  }
4599  AOT_hence xFy([F]y  y = x)
4600    by (rule GEN)
4601  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4602    using "&I" "block-paradox:4" by blast
4603qed
4604
4605AOT_act_theorem "block-paradox2:1":
4606  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4607proof(rule "→I"; rule "raa-cor:2")
4608  AOT_assume antecedant: x [G]x
4609  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4610  proof(rule GEN)
4611    fix x
4612    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4613                 ∃!y (y = x & H (x[H] & ¬[H]x))
4614    proof(rule "≡I"; rule "→I")
4615      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4616      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4617        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4618      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4619        using "!-exists:1"[THEN "≡E"(1)] by blast
4620    next
4621      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4622      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4623                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4624        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4625      AOT_have a_3: [G]a
4626        using antecedant "∀E" by blast
4627      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4628        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4629        apply (rule "∃I"(2))
4630        using a_1 a_2 a_3 "&I" by blast
4631    qed
4632    also AOT_have B: ...  H (x[H] & ¬[H]x)
4633    proof (rule "≡I"; rule "→I")
4634      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4635      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4636        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4637      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4638    next
4639      AOT_assume H (x[H] & ¬[H]x)
4640      AOT_hence x = x & H (x[H] & ¬[H]x)
4641        using "id-eq:1" "&I" by blast
4642      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4643        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4644      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4645        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4646    qed
4647    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4648  qed
4649
4650  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4651  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4652                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4653    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4654  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4655    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4656  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4657    using "∃I"(1) A by fast
4658  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4659            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4660    using "block-paradox:2" "&I" by blast
4661qed
4662
4663AOT_act_theorem "block-paradox2:2":
4664  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4665proof(rule "∃I"(1))
4666  AOT_have 0: x p (p p)]
4667    by "cqt:2[lambda]"
4668  moreover AOT_have x x p (p p)]x
4669    apply (rule GEN)
4670    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4671    using "if-p-then-p" GEN by fast
4672  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4673      using "block-paradox2:1" "∀I" by fast
4674  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4675    using "∀E"(1) "→E" by blast
4676qed("cqt:2[lambda]")
4677
4678AOT_theorem propositions: p (p  φ)
4679proof(rule "∃I"(1))
4680  AOT_show (φ  φ)
4681    by (simp add: RN "oth-class-taut:3:a")
4682next
4683  AOT_show φ
4684    by (simp add: "log-prop-prop:2")
4685qed
4686
4687AOT_theorem "pos-not-equiv-ne:1":
4688  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4689proof (rule "→I")
4690  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4691  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4692    using "KBasic:11"[THEN "≡E"(2)] by blast
4693  AOT_hence ¬(F = G)
4694    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4695  AOT_thus F  G
4696    using "=-infix"[THEN "≡dfI"] by blast
4697qed
4698
4699AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4700proof (rule "→I")
4701  AOT_modally_strict {
4702    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4703    proof (rule "→I"; rule "raa-cor:2")
4704      AOT_assume 1: F = G
4705      AOT_hence φ{F}  φ{G}
4706        using "l-identity"[axiom_inst, THEN "→E"] by blast
4707      moreover {
4708        AOT_have G = F
4709          using 1 id_sym by blast
4710        AOT_hence φ{G}  φ{F}
4711          using "l-identity"[axiom_inst, THEN "→E"] by blast
4712      }
4713      ultimately AOT_have φ{F}  φ{G}
4714        using "≡I" by blast
4715      moreover AOT_assume ¬(φ{F}  φ{G})
4716      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4717        using "&I" by blast
4718    qed
4719  }
4720  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4721    using "RM:2[prem]" by blast
4722  moreover AOT_assume ¬(φ{F}  φ{G})
4723  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4724  AOT_have (F  G)
4725    by (AOT_subst F  G ¬(F = G))
4726       (auto simp: "=-infix" "≡Df" 0)
4727  AOT_thus F  G
4728    using "id-nec2:3"[THEN "→E"] by blast
4729qed
4730
4731AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4732proof (rule "→I")
4733  AOT_modally_strict {
4734    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4735    proof (rule "→I"; rule "raa-cor:2")
4736      AOT_assume 1: p = q
4737      AOT_hence φ{p}  φ{q}
4738        using "l-identity"[axiom_inst, THEN "→E"] by blast
4739      moreover {
4740        AOT_have q = p
4741          using 1 id_sym by blast
4742        AOT_hence φ{q}  φ{p}
4743          using "l-identity"[axiom_inst, THEN "→E"] by blast
4744      }
4745      ultimately AOT_have φ{p}  φ{q}
4746        using "≡I" by blast
4747      moreover AOT_assume ¬(φ{p}  φ{q})
4748      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4749        using "&I" by blast
4750    qed
4751  }
4752  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4753    using "RM:2[prem]" by blast
4754  moreover AOT_assume ¬(φ{p}  φ{q})
4755  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4756  AOT_have (p  q)
4757    by (AOT_subst p  q ¬(p = q))
4758       (auto simp: 0 "=-infix" "≡Df")
4759  AOT_thus p  q
4760    using "id-nec2:3"[THEN "→E"] by blast
4761qed
4762
4763AOT_theorem "pos-not-equiv-ne:3":
4764  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4765  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4766
4767AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4768  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4769
4770AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4771  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4772        "T◇"[THEN "→E"] by blast
4773
4774AOT_define relation_negation ::  Π" ("_-")
4775  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4776
4777nonterminal φneg
4778syntax "" :: "φneg  τ" ("_")
4779syntax "" :: "φneg  φ" ("'(_')")
4780
4781AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4782  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4783
4784AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4785  by "cqt:2[lambda]"
4786
4787AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4788  using "cqt:2[lambda0]"[axiom_inst] by blast
4789
4790AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4791  using "=I"(1)[OF "rel-neg-T:1"]
4792  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4793
4794AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4795  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4796  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4797
4798AOT_theorem "rel-neg-T:3": [Π]-
4799  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4800        "rel-neg-T:1" by blast
4801
4802AOT_theorem "rel-neg-T:3[zero]": (φ)-
4803  using "log-prop-prop:2" by blast
4804
4805(* Note: PLM states the zero place case twice *)
4806AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4807proof -
4808  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4809    using "rule=E"[rotated, OF "rel-neg-T:2"]
4810          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4811          "→I" "≡I" by fast
4812  also AOT_have ...  ¬[F]x1...xn
4813    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4814  finally show ?thesis.
4815qed
4816
4817AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4818  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4819   apply (simp add: "oth-class-taut:3:b")
4820  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4821  using "thm-relation-negation:1".
4822
4823AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4824proof -
4825  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4826  AOT_hence ((p)-)   ¬p]
4827    using "df-relation-negation[zero]" "log-prop-prop:2"
4828          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4829  also AOT_have  ¬p]  ¬p
4830    by (simp add: "propositions-lemma:2")
4831  finally show ?thesis.
4832qed
4833
4834AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4835  using "thm-relation-negation:3"[THEN "≡E"(1)]
4836        "thm-relation-negation:3"[THEN "≡E"(2)]
4837        "≡I" "→I" RAA by metis
4838
4839AOT_theorem "thm-relation-negation:5": [F]  [F]-
4840proof -
4841  AOT_have ¬([F] = [F]-)
4842  proof (rule RAA(2))
4843    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4844      using "if-p-then-p".
4845  next
4846    AOT_assume [F] = [F]-
4847    AOT_hence [F]- = [F] using id_sym by blast
4848    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4849      using "rule=E" "thm-relation-negation:1" by fast
4850    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4851      using "≡E" RAA by metis
4852  qed
4853  thus ?thesis
4854    using "≡dfI" "=-infix" by blast
4855qed
4856
4857AOT_theorem "thm-relation-negation:6": p  (p)-
4858proof -
4859  AOT_have ¬(p = (p)-)
4860  proof (rule RAA(2))
4861    AOT_show p  p
4862      using "if-p-then-p".
4863  next
4864    AOT_assume p = (p)-
4865    AOT_hence (p)- = p using id_sym by blast
4866    AOT_hence p  ¬p
4867      using "rule=E" "thm-relation-negation:3" by fast
4868    AOT_thus ¬(p  p)
4869      using "≡E" RAA by metis
4870  qed
4871  thus ?thesis
4872    using "≡dfI" "=-infix" by blast
4873qed
4874
4875AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4876  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4877  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4878        "propositions-lemma:1" id_trans by blast+
4879
4880AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4881proof(rule "→I")
4882  AOT_assume p = q
4883  moreover AOT_have (¬p) using "log-prop-prop:2".
4884  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4885  ultimately AOT_show (¬p) = (¬q)
4886    using "rule=E" by fast
4887qed
4888
4889AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4890proof(rule "→I")
4891  AOT_assume p = q
4892  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4893  AOT_thus (p)- = (q)-
4894    using "thm-relation-negation:7" id_sym id_trans by metis
4895qed
4896
4897AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4898  "contingent-properties:1":
4899  Necessary([F]) df x1...∀xn [F]x1...xn
4900
4901AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4902  "contingent-properties:1[zero]":
4903  Necessary0(p) df p
4904
4905AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4906  "contingent-properties:2":
4907  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4908
4909AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4910  "contingent-properties:2[zero]":
4911  Impossible0(p) df ¬p
4912
4913AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4914  "contingent-properties:3":
4915  NonContingent([F]) df Necessary([F])  Impossible([F])
4916
4917AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4918  "contingent-properties:3[zero]":
4919  NonContingent0(p) df Necessary0(p)  Impossible0(p)
4920
4921AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4922  "contingent-properties:4":
4923  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4924
4925AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4926  "contingent-properties:4[zero]":
4927  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4928
4929
4930AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4931proof (rule "≡I"; rule "→I")
4932  AOT_assume NonContingent([F])
4933  AOT_hence Necessary([F])  Impossible([F])
4934    using "≡dfE"[OF "contingent-properties:3"] by blast
4935  moreover {
4936    AOT_assume Necessary([F])
4937    AOT_hence (x1...∀xn [F]x1...xn)
4938      using "≡dfE"[OF "contingent-properties:1"] by blast
4939    moreover AOT_modally_strict {
4940      AOT_assume x1...∀xn [F]x1...xn
4941      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4942      AOT_hence ¬[F]-x1...xn for x1xn
4943        by (meson "≡E"(6) "oth-class-taut:3:a"
4944                  "thm-relation-negation:2" "≡E"(1))
4945      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4946    }
4947    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4948      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4949    AOT_hence Impossible([F]-)
4950      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4951                  OF "rel-neg-T:3", THEN "≡E"(2)]
4952      by blast
4953  }
4954  moreover {
4955    AOT_assume Impossible([F])
4956    AOT_hence (x1...∀xn ¬[F]x1...xn)
4957      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4958                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4959      by blast
4960    moreover AOT_modally_strict {
4961      AOT_assume x1...∀xn ¬[F]x1...xn
4962      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4963      AOT_hence [F]-x1...xn for x1xn
4964        by (meson "≡E"(6) "oth-class-taut:3:a"
4965                  "thm-relation-negation:1" "≡E"(1))
4966      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4967    }
4968    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4969      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4970    AOT_hence Necessary([F]-)
4971      using "≡dfI"[OF "contingent-properties:1"] by blast
4972  }
4973  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4974    using "∨E"(1) "∨I" "→I" by metis
4975  AOT_thus NonContingent([F]-)
4976    using "≡dfI"[OF "contingent-properties:3"] by blast
4977next
4978  AOT_assume NonContingent([F]-)
4979  AOT_hence Necessary([F]-)  Impossible([F]-)
4980    using "≡dfE"[OF "contingent-properties:3"] by blast
4981  moreover {
4982    AOT_assume Necessary([F]-)
4983    AOT_hence (x1...∀xn [F]-x1...xn)
4984      using "≡dfE"[OF "contingent-properties:1"] by blast
4985    moreover AOT_modally_strict {
4986      AOT_assume x1...∀xn [F]-x1...xn
4987      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4988      AOT_hence ¬[F]x1...xn for x1xn
4989        by (meson "≡E"(6) "oth-class-taut:3:a"
4990                  "thm-relation-negation:1" "≡E"(2))
4991      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4992    }
4993    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4994      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4995    AOT_hence Impossible([F])
4996      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4997                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4998      by blast
4999  }
5000  moreover {
5001    AOT_assume Impossible([F]-)
5002    AOT_hence (x1...∀xn ¬[F]-x1...xn)
5003      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5004                  OF "rel-neg-T:3", THEN "≡E"(1)]
5005      by blast
5006    moreover AOT_modally_strict {
5007      AOT_assume x1...∀xn ¬[F]-x1...xn
5008      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
5009      AOT_hence [F]x1...xn for x1xn 
5010        using "thm-relation-negation:1"[THEN
5011                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5012              "useful-tautologies:1"[THEN "→E"] by blast
5013      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
5014    }
5015    ultimately AOT_have (x1...∀xn [F]x1...xn)
5016      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
5017    AOT_hence Necessary([F])
5018      using "≡dfI"[OF "contingent-properties:1"] by blast
5019  }
5020  ultimately AOT_have Necessary([F])  Impossible([F])
5021    using "∨E"(1) "∨I" "→I" by metis
5022  AOT_thus NonContingent([F])
5023    using "≡dfI"[OF "contingent-properties:3"] by blast
5024qed
5025
5026AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5027proof -
5028  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5029    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5030                                    OF "cqt:2[const_var]"[axiom_inst]]
5031    by blast
5032  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5033    using "oth-class-taut:5:d" by fastforce
5034  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5035    by (simp add: "Commutativity of &")
5036  also AOT_have ...  x [F]x & ¬Necessary([F])
5037  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5038    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5039      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5040      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5041       apply (simp add: "conventions:4" "≡Df")
5042      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5043       apply (simp add: "oth-class-taut:3:b")
5044      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5045                                      OF "cqt:2[const_var]"[axiom_inst]]
5046      by blast
5047    also AOT_have ...  x [F]x
5048      using "conventions:5"[THEN "≡Df", symmetric] by blast
5049    finally AOT_show ¬Impossible([F])  x [F]x .
5050  qed
5051  also AOT_have ...  x [F]x & x ¬[F]x
5052  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5053    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5054      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5055      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5056       apply (simp add: "conventions:4" "≡Df")
5057      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5058       apply (simp add: "oth-class-taut:3:b")
5059      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5060      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5061    also AOT_have ...  x ¬[F]x
5062      using "conventions:5"[THEN "≡Df", symmetric] by blast
5063    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5064  qed
5065  finally show ?thesis.
5066qed
5067
5068AOT_theorem "thm-cont-prop:3":
5069  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5070proof -
5071  {
5072    fix Π :: <κ>
5073    AOT_assume Π
5074    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5075      using "thm-cont-prop:2" GEN by fast
5076    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5077      using "thm-cont-prop:2" "∀E" by fast
5078  } note 1 = this
5079  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5080    using "thm-cont-prop:2" by blast
5081  also AOT_have ...  x ¬[F]x & x [F]x
5082    by (simp add: "Commutativity of &")
5083  also AOT_have ...  x [F]-x & x [F]x
5084    by (AOT_subst [F]-x ¬[F]x for: x)
5085       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5086  also AOT_have ...  x [F]-x & x ¬[F]-x
5087    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5088       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5089  also AOT_have ...  Contingent([F]-)
5090    using 1[OF "rel-neg-T:3", symmetric] by blast
5091  finally show ?thesis.
5092qed
5093
5094AOT_define concrete_if_concrete :: ‹Π› ("L")
5095  L_def: L =df x E!x  E!x]
5096
5097AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5098proof -
5099  AOT_modally_strict {
5100    fix x
5101    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5102    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5103    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5104    ultimately AOT_have x E!x  E!x]x
5105      using "β←C" by blast
5106  }
5107  AOT_hence 0: x x E!x  E!x]x
5108    using RN GEN by blast
5109  show ?thesis
5110    apply (rule "=dfI"(2)[OF L_def])
5111     apply "cqt:2[lambda]"
5112    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5113qed
5114
5115AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5116proof -
5117  AOT_modally_strict {
5118    fix x
5119
5120    AOT_have 0: F (¬[F]-x  [F]x)
5121      using "thm-relation-negation:2" GEN by fast
5122    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5123      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5124    moreover {
5125      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5126      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5127      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5128      ultimately AOT_have x E!x  E!x]x
5129        using "β←C" by blast
5130    }
5131    ultimately AOT_have ¬x E!x  E!x]-x
5132      using "≡E" by blast
5133  }
5134  AOT_hence 0: x ¬x E!x  E!x]-x
5135    using RN GEN by fast
5136  show ?thesis
5137    apply (rule "=dfI"(2)[OF L_def])
5138     apply "cqt:2[lambda]"
5139    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5140     using "rel-neg-T:3"
5141     apply blast
5142    using 0
5143    by blast
5144qed
5145
5146AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5147  using "thm-noncont-e-e:1"
5148  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5149
5150AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5151proof -
5152  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5153    using "thm-cont-prop:1" "∀I" by fast
5154  moreover AOT_have 1: L
5155    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5156  AOT_show NonContingent([L]-)
5157    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5158qed
5159
5160AOT_theorem "thm-noncont-e-e:5":
5161  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5162proof (rule "∃I")+
5163  {
5164    AOT_have F [F]  [F]-
5165      using "thm-relation-negation:5" GEN by fast
5166    moreover AOT_have L
5167      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5168    ultimately AOT_have L  [L]-
5169      using "∀E" by blast
5170  }
5171  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5172    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5173next
5174  AOT_show [L]-
5175    using "rel-neg-T:3" by blast
5176next
5177  AOT_show L
5178      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5179qed
5180
5181AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5182proof -
5183  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5184    using "BF◇" "CBF◇" "≡I" by blast
5185  also AOT_have   x ([F]x &  ¬[F]x)
5186    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5187       (auto simp: "S5Basic:11" "cqt-further:7")
5188  also AOT_have   x (¬[F]x & [F]x)
5189    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5190       (auto simp: "Commutativity of &" "cqt-further:7")
5191  also AOT_have   x (¬[F]x & [F]x)
5192    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5193       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5194  also AOT_have   x (¬[F]x & [F]x)
5195    using "BF◇" "CBF◇" "≡I" by fast
5196  finally show ?thesis.
5197qed
5198
5199AOT_theorem "lem-cont-e:2":
5200  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5201proof -
5202  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5203    using "lem-cont-e:1".
5204  also AOT_have   x ([F]-x & ¬[F]-x)
5205    apply (AOT_subst ¬[F]-x [F]x for: x)
5206     apply (simp add: "thm-relation-negation:2")
5207    apply (AOT_subst [F]-x ¬[F]x for: x)
5208     apply (simp add: "thm-relation-negation:1")
5209    by (simp add: "oth-class-taut:3:a")
5210  finally show ?thesis.
5211qed
5212
5213AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5214proof (rule "CBF◇"[THEN "→E"])
5215  AOT_have x (E!x & ¬𝒜E!x)
5216    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5217  then AOT_obtain a where (E!a & ¬𝒜E!a)
5218    using "∃E"[rotated] by blast
5219  AOT_hence θ: E!a & ¬𝒜E!a
5220    using "KBasic2:3"[THEN "→E"] by blast
5221  AOT_have ξ: E!a & 𝒜¬E!a
5222    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5223       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5224  AOT_have ζ: E!a & 𝒜¬E!a
5225    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5226       (auto simp add: "Act-Sub:4" ξ)
5227  AOT_hence E!a & ¬E!a
5228    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5229  AOT_hence (E!a & ¬E!a)
5230    using "S5Basic:11"[THEN "≡E"(2)] by simp
5231  AOT_thus x (E!x & ¬E!x)
5232    using "∃I"(2) by fast
5233qed
5234
5235AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5236proof -
5237  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5238    using "lem-cont-e:1" GEN by fast
5239  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5240    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5241  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5242qed
5243
5244AOT_theorem "thm-cont-e:3": x E!x
5245proof (rule "CBF◇"[THEN "→E"])
5246  AOT_obtain a where (E!a & ¬E!a)
5247    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5248  AOT_hence E!a
5249    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5250  AOT_thus x E!x using "∃I" by fast
5251qed
5252
5253AOT_theorem "thm-cont-e:4": x ¬E!x
5254proof (rule "CBF◇"[THEN "→E"])
5255  AOT_obtain a where (E!a & ¬E!a)
5256    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5257  AOT_hence ¬E!a
5258    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5259  AOT_hence ¬E!a
5260    using "4◇"[THEN "→E"] by blast
5261  AOT_thus x ¬E!x using "∃I" by fast
5262qed
5263
5264AOT_theorem "thm-cont-e:5": Contingent([E!])
5265proof -
5266  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5267    using "thm-cont-prop:2" GEN by fast
5268  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5269    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5270  thus ?thesis
5271    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5272qed
5273
5274AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5275proof -
5276  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5277    using "thm-cont-prop:3" GEN by fast
5278  AOT_hence Contingent([E!])  Contingent([E!]-)
5279    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5280  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5281qed
5282
5283AOT_theorem "thm-cont-e:7":
5284  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5285proof (rule "∃I")+
5286  AOT_have F [«F::<κ>»]  [F]-
5287    using "thm-relation-negation:5" GEN by fast
5288  AOT_hence [E!]  [E!]-
5289    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5290  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5291    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5292next
5293  AOT_show E!-
5294    by (fact AOT)
5295next
5296  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5297qed
5298
5299AOT_theorem "property-facts:1":
5300  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5301proof (rule "→I"; rule "raa-cor:2")
5302  AOT_assume NonContingent([F])
5303  AOT_hence 1: Necessary([F])  Impossible([F])
5304    using "contingent-properties:3"[THEN "≡dfE"] by blast
5305  AOT_assume G (Contingent([G]) & G = F)
5306  then AOT_obtain G where Contingent([G]) & G = F
5307    using "∃E"[rotated] by blast
5308  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5309  AOT_hence ¬(Necessary([F])  Impossible([F]))
5310    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5311            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5312  AOT_thus (Necessary([F])  Impossible([F])) &
5313            ¬(Necessary([F])  Impossible([F]))
5314    using 1 "&I" by blast
5315qed
5316
5317AOT_theorem "property-facts:2":
5318  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5319proof (rule "→I"; rule "raa-cor:2")
5320  AOT_assume Contingent([F])
5321  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5322    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5323            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5324  AOT_assume G (NonContingent([G]) & G = F)
5325  then AOT_obtain G where NonContingent([G]) & G = F
5326    using "∃E"[rotated] by blast
5327  AOT_hence NonContingent([F])
5328    using "rule=E" "&E" by blast
5329  AOT_hence Necessary([F])  Impossible([F])
5330    using "contingent-properties:3"[THEN "≡dfE"] by blast
5331  AOT_thus (Necessary([F])  Impossible([F])) &
5332            ¬(Necessary([F])  Impossible([F]))
5333    using 1 "&I" by blast
5334qed
5335
5336AOT_theorem "property-facts:3":
5337  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5338proof -
5339  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5340    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5341    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5342  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5343    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5344  AOT_have not_noncontingent_if_contingent:
5345    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5346  proof(rule RAA(2))
5347    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5348      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5349                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5350      by blast
5351  next
5352    AOT_assume NonContingent([Π])
5353    AOT_thus Necessary([Π])  Impossible([Π])
5354      using "contingent-properties:3"[THEN "≡dfE"] by blast
5355  qed
5356
5357  show ?thesis
5358  proof (safe intro!: "&I")
5359    AOT_show L  [L]-
5360      apply (rule "=dfI"(2)[OF L_def])
5361       apply "cqt:2[lambda]"
5362      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5363       apply (rule GEN) apply (fact AOT)
5364      by "cqt:2[lambda]"
5365  next
5366    AOT_show L  E!
5367      apply (rule noneqI)
5368      using "thm-noncont-e-e:3"
5369            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5370      by auto
5371  next
5372    AOT_show L  E!-
5373      apply (rule noneqI)
5374      using "thm-noncont-e-e:3" apply fast
5375      apply (rule not_noncontingent_if_contingent)
5376      apply (rule "∀E"(1)[
5377            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5378            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5379      using "thm-cont-prop:3" GEN apply fast
5380      using "thm-cont-e:5" by fast+
5381  next
5382    AOT_show [L]-  E!-
5383      apply (rule noneqI)
5384      using "thm-noncont-e-e:4" apply fast
5385      apply (rule not_noncontingent_if_contingent)
5386      apply (rule "∀E"(1)[
5387            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5388            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5389      using "thm-cont-prop:3" GEN apply fast
5390      using "thm-cont-e:5" by fast+
5391  next
5392    AOT_show E!  E!-
5393      apply (rule "=dfI"(2)[OF L_def])
5394       apply "cqt:2[lambda]"
5395      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5396       apply (rule GEN) apply (fact AOT)
5397      by (fact "cqt:2[concrete]"[axiom_inst])
5398  qed
5399qed
5400
5401AOT_theorem "thm-cont-propos:1":
5402  NonContingent0(p)  NonContingent0(((p)-))
5403proof(rule "≡I"; rule "→I")
5404  AOT_assume NonContingent0(p)
5405  AOT_hence Necessary0(p)  Impossible0(p)
5406    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5407  moreover {
5408    AOT_assume Necessary0(p)
5409    AOT_hence 1: p
5410      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5411    AOT_have ¬((p)-)
5412      by (AOT_subst ¬((p)-) p)
5413         (auto simp add: 1 "thm-relation-negation:4")
5414    AOT_hence Impossible0(((p)-))
5415      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5416  }
5417  moreover {
5418    AOT_assume Impossible0(p)
5419    AOT_hence 1: ¬p
5420      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5421    AOT_have ((p)-)
5422      by (AOT_subst ((p)-) ¬p) 
5423         (auto simp: 1 "thm-relation-negation:3")
5424    AOT_hence Necessary0(((p)-))
5425      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5426  }
5427  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5428    using "∨E"(1) "∨I" "→I" by metis
5429  AOT_thus NonContingent0(((p)-))
5430    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5431next
5432  AOT_assume NonContingent0(((p)-))
5433  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5434    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5435  moreover {
5436    AOT_assume Impossible0(((p)-))
5437    AOT_hence 1: ¬((p)-)
5438      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5439    AOT_have p
5440      by (AOT_subst (reverse) p ¬((p)-))
5441         (auto simp: 1 "thm-relation-negation:4")
5442    AOT_hence Necessary0(p)
5443      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5444  }
5445  moreover {
5446    AOT_assume Necessary0(((p)-))
5447    AOT_hence 1: ((p)-)
5448      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5449    AOT_have ¬p
5450      by (AOT_subst (reverse) ¬p ((p)-))
5451         (auto simp: 1 "thm-relation-negation:3")
5452    AOT_hence Impossible0(p)
5453      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5454  }
5455  ultimately AOT_have Necessary0(p)  Impossible0(p)
5456    using "∨E"(1) "∨I" "→I" by metis
5457  AOT_thus NonContingent0(p)
5458    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5459qed
5460
5461AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5462proof -
5463  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5464    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5465  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5466    by (fact AOT)
5467  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5468    by (fact AOT)
5469  also AOT_have   φ & ¬φ
5470    apply (AOT_subst φ ¬¬φ)
5471     apply (simp add: "conventions:5" "≡Df")
5472    apply (AOT_subst Impossible0(φ) ¬φ)
5473     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5474    apply (AOT_subst (reverse) ¬φ ¬φ)
5475     apply (simp add: "KBasic:11")
5476    apply (AOT_subst Necessary0(φ) φ)
5477     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5478    by (simp add: "oth-class-taut:3:a")
5479  finally show ?thesis.
5480qed
5481
5482AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5483proof -
5484  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5485  also AOT_have   ¬p & p by (fact AOT)
5486  also AOT_have   ((p)-) & p
5487    by (AOT_subst ((p)-) ¬p)
5488       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5489  also AOT_have   ((p)-) & ¬((p)-)
5490    by (AOT_subst ¬((p)-) p)
5491       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5492  also AOT_have   Contingent0(((p)-))
5493    using "thm-cont-propos:2"[symmetric] by blast
5494  finally show ?thesis.
5495qed
5496
5497AOT_define noncontingent_prop :: ‹φ› ("p0")
5498  p0_def: "(p0) =df (x (E!x  E!x))"
5499
5500AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5501proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5502  AOT_show (p0)
5503    apply (rule "=dfI"(2)[OF p0_def])
5504    using "log-prop-prop:2" apply simp
5505    using "if-p-then-p" RN GEN by fast
5506qed
5507
5508AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5509proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5510  AOT_show ¬((p0)-)
5511    apply (AOT_subst ((p0)-) ¬p0)
5512    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5513     apply fast
5514    apply (AOT_subst (reverse) ¬¬p0 p0)
5515     apply (simp add: "oth-class-taut:3:b")
5516    apply (rule "=dfI"(2)[OF p0_def])
5517    using "log-prop-prop:2" apply simp
5518    using "if-p-then-p" RN GEN by fast
5519qed
5520
5521AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5522  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5523  using "thm-noncont-propos:1" "∨I" by blast
5524
5525AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5526  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5527  using "thm-noncont-propos:2" "∨I" by blast
5528
5529AOT_theorem "thm-noncont-propos:5":
5530  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5531proof(rule "∃I")+
5532  AOT_have 0: φ  (φ)- for φ
5533    using "thm-relation-negation:6" "∀I"
5534          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5535  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5536    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5537qed(auto simp: "log-prop-prop:2")
5538
5539AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5540proof(rule "raa-cor:2")
5541  AOT_assume x(E!x & ¬𝒜E!x)
5542  then AOT_obtain a where a: E!a & ¬𝒜E!a
5543    using "∃E"[rotated] by blast
5544  AOT_hence 𝒜¬E!a
5545    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5546  AOT_hence ¬E!a
5547    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5548  AOT_hence E!a & ¬E!a
5549    using a "&E" "&I" by blast
5550  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5551qed
5552
5553AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5554proof(rule "raa-cor:2")
5555  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5556  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5557    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5558  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5559    using "∃E"[rotated] by blast
5560  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5561    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5562  AOT_hence ¬𝒜𝒜E!a
5563    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5564  AOT_hence ¬𝒜E!a
5565    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5566  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5567qed
5568
5569AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5570proof (rule RAA(1))
5571  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5572    using "pos-not-pna:1" by blast
5573next
5574  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5575  AOT_hence x (E!x & ¬𝒜E!x)
5576    using "KBasic:12"[THEN "≡E"(2)] by blast
5577  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5578    using "nec-imp-act"[THEN "→E"] by blast
5579qed
5580
5581AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5582proof -
5583  AOT_obtain a where (E!a & ¬𝒜E!a)
5584    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5585  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5586    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5587  AOT_have ¬𝒜E!a
5588    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5589  AOT_hence ¬𝒜E!a
5590    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5591                        THEN "≡E"(2)] by blast
5592  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5593  thus ?thesis using "∃I" by fast
5594qed
5595
5596AOT_define contingent_prop :: φ ("q0")
5597  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5598
5599AOT_theorem q0_prop: q0 & ¬q0
5600  apply (rule "=dfI"(2)[OF q0_def])
5601  apply (fact "log-prop-prop:2")
5602  apply (rule "&I")
5603   apply (fact "qml:4"[axiom_inst])
5604  by (fact "pos-not-pna:2")
5605
5606AOT_theorem "basic-prop:1": Contingent0((q0))
5607proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5608  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5609  proof (rule "&I";
5610         rule "=dfI"(2)[OF q0_def];
5611         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5612    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5613    AOT_hence x (E!x & ¬𝒜E!x)
5614      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5615    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5616      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5617    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5618      using "pos-not-pna:1" "&I" by blast
5619  next
5620    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5621    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5622      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5623    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5624      using "KBasic2:1"[THEN "≡E"(1)] by blast
5625    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5626      using "qml:4"[axiom_inst] "&I" by blast
5627  qed
5628  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5629    using "oth-class-taut:5:d" "≡E"(2) by blast
5630qed
5631
5632AOT_theorem "basic-prop:2": p Contingent0((p))
5633  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5634
5635AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5636  apply (AOT_subst ((q0)-) ¬q0)
5637   apply (insert "thm-relation-negation:3" "∀I"
5638                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5639  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5640  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5641  apply (rule "&I")
5642   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5643                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5644   apply (rule "conventions:5"[THEN "≡dfE"])
5645   apply (rule "=dfE"(2)[OF q0_def])
5646    apply (rule "log-prop-prop:2")
5647   apply (rule q0_prop[THEN "&E"(1)])
5648  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5649                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5650  apply (rule "conventions:5"[THEN "≡dfE"])
5651  by (rule q0_prop[THEN "&E"(2)])
5652
5653AOT_theorem "basic-prop:4":
5654  pq (p  q & Contingent0(p) & Contingent0(q))
5655proof(rule "∃I")+
5656  AOT_have 0: φ  (φ)- for φ
5657    using "thm-relation-negation:6" "∀I"
5658          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5659  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5660    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5661qed(auto simp: "log-prop-prop:2")
5662
5663AOT_theorem "proposition-facts:1":
5664  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5665proof(rule "→I"; rule "raa-cor:2")
5666  AOT_assume NonContingent0(p)
5667  AOT_hence 1: Necessary0(p)  Impossible0(p)
5668    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5669  AOT_assume q (Contingent0(q) & q = p)
5670  then AOT_obtain q where Contingent0(q) & q = p
5671    using "∃E"[rotated] by blast
5672  AOT_hence Contingent0(p)
5673    using "rule=E" "&E" by fast
5674  AOT_thus (Necessary0(p)  Impossible0(p)) &
5675            ¬(Necessary0(p)  Impossible0(p))
5676    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5677qed
5678
5679AOT_theorem "proposition-facts:2":
5680  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5681proof(rule "→I"; rule "raa-cor:2")
5682  AOT_assume Contingent0(p)
5683  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5684    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5685  AOT_assume q (NonContingent0(q) & q = p)
5686  then AOT_obtain q where NonContingent0(q) & q = p
5687    using "∃E"[rotated] by blast
5688  AOT_hence NonContingent0(p)
5689    using "rule=E" "&E" by fast
5690  AOT_thus (Necessary0(p)  Impossible0(p)) &
5691            ¬(Necessary0(p)  Impossible0(p))
5692    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5693qed
5694
5695AOT_theorem "proposition-facts:3":
5696  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5697proof -
5698  {
5699    fix χ φ ψ
5700    AOT_assume χ{φ}
5701    moreover AOT_assume ¬χ{ψ}
5702    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5703      using RAA "≡E" by metis
5704    moreover {
5705      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5706        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5707      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5708        using "∀E" "log-prop-prop:2" by blast
5709    }
5710    ultimately AOT_have φ  ψ
5711      using "→E" by blast
5712  } note 0 = this
5713  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5714    using "thm-cont-propos:3" "∀I"
5715          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5716  AOT_have not_noncontingent_if_contingent:
5717    ¬NonContingent0(φ) if Contingent0(φ) for φ
5718    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5719                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5720    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5721  show ?thesis
5722    apply (rule "&I")+
5723    using "thm-relation-negation:6" "∀I"
5724          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5725        apply fast
5726       apply (rule 0)
5727    using "thm-noncont-propos:3" apply fast
5728       apply (rule not_noncontingent_if_contingent)
5729       apply (fact AOT)
5730      apply (rule 0)
5731    apply (rule "thm-noncont-propos:3")
5732      apply (rule not_noncontingent_if_contingent)
5733      apply (rule contingent_neg[THEN "≡E"(1)])
5734      apply (fact AOT)
5735     apply (rule 0)
5736    apply (rule "thm-noncont-propos:4")
5737      apply (rule not_noncontingent_if_contingent)
5738      apply (rule contingent_neg[THEN "≡E"(1)])
5739     apply (fact AOT)
5740    using "thm-relation-negation:6" "∀I"
5741          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5742qed
5743
5744AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5745  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5746
5747AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5748  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5749
5750AOT_theorem "cont-true-cont:1":
5751  ContingentlyTrue((p))  Contingent0((p))
5752proof(rule "→I")
5753  AOT_assume ContingentlyTrue((p))
5754  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5755  AOT_have ¬Necessary0((p))
5756    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5757                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5758    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5759  moreover AOT_have ¬Impossible0((p))
5760    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5761                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5762    apply (rule "conventions:5"[THEN "≡dfE"])
5763    using "T◇"[THEN "→E", OF 1].
5764  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5765    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5766  AOT_thus Contingent0((p))
5767    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5768qed
5769
5770AOT_theorem "cont-true-cont:2":
5771  ContingentlyFalse((p))  Contingent0((p))
5772proof(rule "→I")
5773  AOT_assume ContingentlyFalse((p))
5774  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5775  AOT_have ¬Necessary0((p))
5776    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5777                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5778    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5779  moreover AOT_have ¬Impossible0((p))
5780    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5781                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5782    apply (rule "conventions:5"[THEN "≡dfE"])
5783    using 2.
5784  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5785    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5786  AOT_thus Contingent0((p))
5787    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5788qed
5789
5790AOT_theorem "cont-true-cont:3":
5791  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5792proof(rule "≡I"; rule "→I")
5793  AOT_assume ContingentlyTrue((p))
5794  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5795  AOT_have 1: ContingentlyFalse(¬p)
5796    apply (rule "cont-tf:2"[THEN "≡dfI"])
5797    apply (AOT_subst (reverse) ¬¬p p)
5798    by (auto simp: "oth-class-taut:3:b" 0)
5799  AOT_show ContingentlyFalse(((p)-))
5800    apply (AOT_subst ((p)-) ¬p)
5801    by (auto simp: "thm-relation-negation:3" 1)
5802next
5803  AOT_assume 1: ContingentlyFalse(((p)-))
5804  AOT_have ContingentlyFalse(¬p)
5805    by (AOT_subst (reverse) ¬p ((p)-))
5806       (auto simp: "thm-relation-negation:3" 1)
5807  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5808  AOT_hence p & ¬p
5809    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5810  AOT_thus ContingentlyTrue((p))
5811    using "cont-tf:1"[THEN "≡dfI"] by blast
5812qed
5813
5814AOT_theorem "cont-true-cont:4":
5815  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5816proof(rule "≡I"; rule "→I")
5817  AOT_assume ContingentlyFalse(p)
5818  AOT_hence 0: ¬p & p
5819    using "cont-tf:2"[THEN "≡dfE"] by blast
5820  AOT_have ¬p & ¬¬p
5821    by (AOT_subst (reverse) ¬¬p p)
5822       (auto simp: "oth-class-taut:3:b" 0)
5823  AOT_hence 1: ContingentlyTrue(¬p)
5824    by (rule "cont-tf:1"[THEN "≡dfI"])
5825  AOT_show ContingentlyTrue(((p)-))
5826    by (AOT_subst ((p)-) ¬p)
5827       (auto simp: "thm-relation-negation:3" 1)
5828next
5829  AOT_assume 1: ContingentlyTrue(((p)-))
5830  AOT_have ContingentlyTrue(¬p)
5831    by (AOT_subst (reverse) ¬p ((p)-))
5832       (auto simp add: "thm-relation-negation:3" 1)
5833  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5834  AOT_have p
5835    by (AOT_subst p ¬¬p)
5836       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5837  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5838  AOT_thus ContingentlyFalse(p)
5839    by (rule "cont-tf:2"[THEN "≡dfI"])
5840qed
5841
5842AOT_theorem "cont-true-cont:5":
5843  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5844proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5845  AOT_assume ContingentlyTrue((p))
5846  AOT_hence ¬p
5847    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5848  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5849  AOT_assume Necessary0((q))
5850  moreover AOT_assume ¬(p  q)
5851  AOT_hence p = q
5852    using "=-infix"[THEN "≡Df",
5853                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5854                    THEN "≡E"(1)]
5855          "useful-tautologies:1"[THEN "→E"] by blast
5856  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5857  AOT_hence p
5858    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5859  AOT_thus p & ¬p using 0 "&I" by blast
5860qed
5861
5862AOT_theorem "cont-true-cont:6":
5863  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5864proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5865  AOT_assume ContingentlyFalse((p))
5866  AOT_hence p
5867    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5868  AOT_hence 1: ¬¬p
5869    using "conventions:5"[THEN "≡dfE"] by blast
5870  AOT_assume Impossible0((q))
5871  moreover AOT_assume ¬(p  q)
5872  AOT_hence p = q
5873    using "=-infix"[THEN "≡Df",
5874                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5875                    THEN "≡E"(1)]
5876          "useful-tautologies:1"[THEN "→E"] by blast
5877  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5878  AOT_hence ¬p
5879    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5880  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5881qed
5882
5883AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5884  apply (rule "cont-tf:2"[THEN "≡dfI"])
5885  apply (rule "=dfI"(2)[OF q0_def])
5886   apply (fact "log-prop-prop:2")
5887  apply (rule "&I")
5888   apply (fact "no-cnac")
5889  by (fact "qml:4"[axiom_inst])
5890
5891AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5892  apply (rule "cont-tf:1"[THEN "≡dfI"])
5893  apply (rule "=dfI"(2)[OF q0_def])
5894   apply (fact "log-prop-prop:2")
5895  apply (rule "&I")
5896   apply (rule "thm-relation-negation:3"
5897                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5898     apply (fact "no-cnac")
5899  apply (rule "rule=E"[rotated,
5900                OF "thm-relation-negation:7"
5901                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5902  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5903  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5904
5905(* TODO: q0cf-rem skipped for now *)
5906
5907AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5908proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5909  AOT_assume q0
5910  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5911  AOT_thus ContingentlyTrue(q0)
5912    by (rule "cont-tf:1"[THEN "≡dfI"])
5913next
5914  AOT_assume ¬q0
5915  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5916  AOT_hence ContingentlyFalse(q0)
5917    by (rule "cont-tf:2"[THEN "≡dfI"])
5918  AOT_thus ContingentlyTrue(((q0)-))
5919    by (rule "cont-true-cont:4"[unvarify p,
5920                OF "log-prop-prop:2", THEN "≡E"(1)])
5921qed(auto simp: "log-prop-prop:2")
5922
5923
5924AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5925proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5926  AOT_assume q0
5927  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5928  AOT_hence ContingentlyTrue(q0)
5929    by (rule "cont-tf:1"[THEN "≡dfI"])
5930  AOT_thus ContingentlyFalse(((q0)-))
5931    by (rule "cont-true-cont:3"[unvarify p,
5932                OF "log-prop-prop:2", THEN "≡E"(1)])
5933next
5934  AOT_assume ¬q0
5935  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5936  AOT_thus ContingentlyFalse(q0)
5937    by (rule "cont-tf:2"[THEN "≡dfI"])
5938qed(auto simp: "log-prop-prop:2")
5939
5940AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5941proof -
5942  fix x
5943  AOT_obtain p1 where ContingentlyTrue((p1))
5944    using "cont-tf-thm:1" "∃E"[rotated] by blast
5945  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5946  AOT_modally_strict {
5947    AOT_have for arbitrary p:  (z p]x  p)
5948      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5949    AOT_hence for arbitrary p:   (z p]x  p)
5950      by (rule RN)
5951    AOT_hence p (z p]x  p) using GEN by fast
5952    AOT_hence (z p1]x  p1) using "∀E" by fast
5953  } note 2 = this
5954  AOT_hence (z p1]x  p1) using "∀E" by blast
5955  AOT_hence z p1]x
5956    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5957  moreover AOT_have ¬z p1]x
5958    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5959    apply (AOT_subst z p1]x p1)
5960    using 1[THEN "&E"(2)] by blast
5961  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5962  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5963  moreover AOT_have z p1] by "cqt:2[lambda]"
5964  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5965qed
5966
5967(* TODO: inspect modally strict subproof involving obtained variable *)
5968AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5969proof -
5970  fix x
5971  AOT_obtain p1 where ContingentlyFalse((p1))
5972    using "cont-tf-thm:2" "∃E"[rotated] by blast
5973  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5974  AOT_modally_strict {
5975    AOT_have for arbitrary p:  (z p]x  p)
5976      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5977    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5978      using "oth-class-taut:4:b" "≡E" by blast
5979    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5980      by (rule RN)
5981    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5982    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5983  } note 2 = this
5984  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5985  AOT_hence 3: ¬z p1]x
5986    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5987  AOT_modally_strict {
5988    AOT_have for arbitrary p:  (z p]x  p)
5989      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5990    AOT_hence for arbitrary p:  (z p]x  p)
5991      by (rule RN)
5992    AOT_hence p (z p]x  p) using GEN by fast
5993    AOT_hence (z p1]x  p1) using "∀E" by fast
5994  } note 4 = this
5995  AOT_have z p1]x
5996    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5997    apply (AOT_subst z p1]x p1)
5998    using 1[THEN "&E"(2)] by blast
5999  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
6000  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
6001  moreover AOT_have z p1] by "cqt:2[lambda]"
6002  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
6003qed
6004
6005context
6006begin
6007
6008private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
6009    apply (rule "=dfI"(2)[OF L_def])
6010     apply "cqt:2[lambda]"
6011    apply (rule "beta-C-meta"[THEN "→E"])
6012  by "cqt:2[lambda]"
6013
6014private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
6015    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6016
6017private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
6018proof(rule "≡I"; rule "→I"; (rule "∀I")?)
6019  fix x
6020  AOT_assume 1: φ
6021  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
6022  also AOT_have   φ
6023    using "if-p-then-p" 1 "≡I" "→I" by simp
6024  also AOT_have   z φ]x
6025    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
6026  finally AOT_show [L]x  z φ]x.
6027next
6028  fix x
6029  AOT_assume x([L]x  z φ]x)
6030  AOT_hence [L]x  z φ]x using "∀E" by blast
6031  also AOT_have   φ using eqnotnec_123_Aux_ω.
6032  finally AOT_have φ  [L]x
6033    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6034  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6035  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6036qed
6037private lemmas eqnotnec_123_Aux_ξ =
6038  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6039    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6040    THEN "RM◇"]
6041private lemmas eqnotnec_123_Aux_ξ' =
6042  eqnotnec_123_Aux_θ[
6043    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6044    THEN "RM◇"]
6045
6046AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6047proof-
6048  AOT_obtain p1 where ContingentlyTrue(p1)
6049    using "cont-tf-thm:1" "∃E"[rotated] by blast
6050  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6051  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6052    apply - apply (rule "&I")
6053    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6054          eqnotnec_123_Aux_ξ "→E" by fast+
6055  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6056    by (rule "∃I") "cqt:2[lambda]"
6057  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6058    apply (rule "∃I")
6059    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6060qed
6061
6062AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6063proof-
6064  AOT_obtain p1 where ContingentlyFalse(p1)
6065    using "cont-tf-thm:2" "∃E"[rotated] by blast
6066  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6067  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6068    apply - apply (rule "&I")
6069    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6070                             THEN "≡E"(1)]
6071          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6072  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6073    by (rule "∃I") "cqt:2[lambda]"
6074  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6075    apply (rule "∃I")
6076    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6077qed
6078
6079AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6080proof-
6081  AOT_have ¬𝒜q0
6082    apply (rule "=dfI"(2)[OF q0_def])
6083     apply (fact "log-prop-prop:2")
6084    by (fact AOT)
6085  AOT_hence 𝒜¬q0
6086    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6087  AOT_hence 𝒜¬x ([L]x  z q0]x)
6088    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6089            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6090            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6091  moreover AOT_have x ([L]x  z q0]x)
6092    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6093  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6094    using "&I" by blast
6095  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6096    by (rule "∃I") "cqt:2[lambda]"
6097  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6098    apply (rule "∃I")
6099    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6100qed
6101
6102end
6103
6104AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6105proof(rule GEN)
6106  fix F
6107  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6108  proof(rule "→I"; rule GEN)
6109    AOT_modally_strict {
6110    fix x
6111    AOT_assume 0: ψ
6112    AOT_have z [F]z & ψ]x  [F]x & ψ
6113      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6114    also AOT_have ...  [F]x
6115      apply (rule "≡I"; rule "→I")
6116      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6117      apply blast
6118      using 0 "&I" by blast
6119    finally AOT_show [F]x  z [F]z & ψ]x
6120      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6121    }
6122  qed
6123
6124  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6125  proof (rule "→I"; rule GEN)
6126    AOT_modally_strict {
6127      fix x
6128      AOT_assume 0: ψ
6129      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6130        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6131      also AOT_have ...  [F]x
6132        apply (rule "≡I"; rule "→I")
6133        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6134              "&E"
6135         apply blast
6136        apply (rule "∨I"(1)) using 0 "&I" by blast
6137      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6138        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6139    }
6140  qed
6141
6142  AOT_have Aux_C:
6143     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6144  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6145  AOT_modally_strict {
6146      AOT_assume 0: ¬ψ
6147      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6148      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6149        using "∀E" by blast
6150      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6151          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6152      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6153        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6154      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6155        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6156      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6157      ultimately AOT_have ψ using "≡E" "&E" by metis
6158      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6159    }
6160  qed
6161
6162  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6163      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6164       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6165  proof (rule "→I")
6166    AOT_assume A: z([F]z  z [F]z & ψ]z)
6167    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6168              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6169    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6170          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6171          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6172      AOT_modally_strict {
6173        AOT_assume z ([F]z  z [F]z & ψ]z)
6174        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6175          using "∀E" by blast
6176        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6177        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6178          using "∀E" by blast
6179        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6180          using "≡E" 1 2 by meson
6181        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6182          by (rule GEN)
6183      }
6184    next
6185      AOT_modally_strict {
6186        AOT_assume z ([F]z  z [F]z & ψ]z)
6187        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6188          using "∀E" by blast
6189        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6190        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6191          using "∀E" by blast
6192        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6193          using 1 2 "≡E" by meson
6194        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6195          by (rule GEN)
6196      }
6197    qed(auto simp: A)
6198  qed
6199
6200  AOT_obtain p1 where p1_prop: p1 & ¬p1
6201    using "cont-tf-thm:1" "∃E"[rotated]
6202          "cont-tf:1"[THEN "≡dfE"] by blast
6203  {
6204    AOT_assume 1: x([F]x  z [F]z & p1]x)
6205    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6206      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6207    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6208      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6209    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6210      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6211    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6212               ¬x([F]x  z [F]z & p1  ¬p1]x)
6213      using 2 "&I" by blast
6214    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6215      by (rule "∃I"(1)) "cqt:2[lambda]"
6216  }
6217  moreover {
6218    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6219    AOT_hence ¬x([F]x  z [F]z & p1]x)
6220      using "KBasic:11"[THEN "≡E"(1)] by blast
6221    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6222      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6223    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6224      by (rule "∃I"(1)) "cqt:2[lambda]"
6225  }
6226  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6227    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6228qed
6229
6230AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6231proof(rule GEN)
6232  fix F
6233  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6234  proof(rule "RM◇"; rule "→I"; rule GEN)
6235    AOT_modally_strict {
6236    fix x
6237    AOT_assume 0: ψ
6238    AOT_have z [F]z & ψ]x  [F]x & ψ
6239      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6240    also AOT_have ...  [F]x
6241      apply (rule "≡I"; rule "→I")
6242      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6243       apply blast
6244      using 0 "&I" by blast
6245    finally AOT_show [F]x  z [F]z & ψ]x
6246      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6247    }
6248  qed
6249
6250  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6251  proof (rule "RM◇"; rule "→I"; rule GEN)
6252    AOT_modally_strict {
6253      fix x
6254      AOT_assume 0: ψ
6255      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6256        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6257      also AOT_have ...  [F]x
6258        apply (rule "≡I"; rule "→I")
6259        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6260         apply blast
6261        apply (rule "∨I"(1)) using 0 "&I" by blast
6262      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6263        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6264    }
6265  qed
6266
6267  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6268  proof(rule "→I"; rule "raa-cor:2")
6269  AOT_modally_strict {
6270      AOT_assume 0: ¬ψ
6271      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6272      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6273        using "∀E" by blast
6274      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6275          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6276      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6277        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6278      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6279        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6280      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6281        using 0 "∨I" by blast
6282      ultimately AOT_have ψ using "≡E" "&E" by metis
6283      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6284    }
6285  qed
6286
6287  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6288    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6289     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6290  proof (rule "→I"; rule "≡I";
6291         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6292    AOT_modally_strict {
6293      AOT_assume z ([F]z  z [F]z & ψ]z)
6294      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6295        using "∀E" by blast
6296      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6297      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6298        using "∀E" by blast
6299      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6300        using "≡E" 1 2 by meson
6301      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6302        by (rule GEN)
6303    }
6304  next
6305    AOT_modally_strict {
6306      AOT_assume z ([F]z  z [F]z & ψ]z)
6307      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6308        using "∀E" by blast
6309      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6310      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6311        using "∀E" by blast
6312      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6313        using 1 2 "≡E" by meson
6314      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6315        by (rule GEN)
6316    }
6317  qed
6318
6319  AOT_obtain p1 where p1_prop: ¬p1 & p1
6320    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6321  {
6322    AOT_assume 1: x([F]x  z [F]z & p1]x)
6323    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6324      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6325    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6326      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6327    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6328      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6329    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6330               x([F]x  z [F]z & p1  ¬p1]x)
6331      using 2 "&I" by blast
6332    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6333      by (rule "∃I"(1)) "cqt:2[lambda]"
6334  }
6335  moreover {
6336    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6337    AOT_hence ¬x([F]x  z [F]z & p1]x)
6338      using "KBasic:11"[THEN "≡E"(1)] by blast
6339    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6340               x([F]x  z [F]z & p1]x)
6341      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6342    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6343      by (rule "∃I"(1)) "cqt:2[lambda]"
6344  }
6345  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6346    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6347qed
6348
6349AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6350proof(rule GEN)
6351  fix F
6352  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6353  proof(rule "RM◇"; rule "→I"; rule GEN)
6354    AOT_modally_strict {
6355    fix x
6356    AOT_assume 0: ψ
6357    AOT_have z [F]z & ψ]x  [F]x & ψ
6358      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6359    also AOT_have ...  [F]x
6360      apply (rule "≡I"; rule "→I")
6361      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6362            "&E"
6363       apply blast
6364      using 0 "&I" by blast
6365    finally AOT_show [F]x  z [F]z & ψ]x
6366      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6367    }
6368  qed
6369
6370  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6371  proof (rule "RM◇"; rule "→I"; rule GEN)
6372    AOT_modally_strict {
6373      fix x
6374      AOT_assume 0: ψ
6375      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6376        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6377      also AOT_have ...  [F]x
6378        apply (rule "≡I"; rule "→I")
6379        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6380         apply blast
6381        apply (rule "∨I"(1)) using 0 "&I" by blast
6382      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6383        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6384    }
6385  qed
6386
6387  AOT_have Aux_C:
6388     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6389  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6390  AOT_modally_strict {
6391      AOT_assume 0: ¬ψ
6392      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6393      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6394        using "∀E" by blast
6395      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6396          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6397      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6398        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6399      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6400        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6401      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6402        using 0 "∨I" by blast
6403      ultimately AOT_have ψ using "≡E" "&E" by metis
6404      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6405    }
6406  qed
6407
6408  AOT_have (z ([F]z  z [F]z & ψ]z) 
6409    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6410     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6411  proof (rule RN; rule "→I")
6412    AOT_modally_strict {
6413        AOT_assume z ([F]z  z [F]z & ψ]z)
6414        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6415                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6416          apply -
6417        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6418          AOT_assume z ([F]z  z [F]z & ψ]z)
6419          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6420            using "∀E" by blast
6421          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6422          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6423            using "∀E" by blast
6424          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6425            using "≡E" 1 2 by meson
6426          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6427            by (rule GEN)
6428        next
6429            AOT_assume z ([F]z  z [F]z & ψ]z)
6430            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6431              using "∀E" by blast
6432            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6433            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6434              using "∀E" by blast
6435            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6436              using 1 2 "≡E" by meson
6437            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6438              by (rule GEN)
6439        qed
6440    }
6441  qed
6442  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6443    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6444     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6445    using "nec-imp-act"[THEN "→E"] by blast
6446  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6447    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6448    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6449    using "act-cond"[THEN "→E"] by blast
6450  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6451    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6452     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6453    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6454
6455  AOT_have ¬𝒜q0
6456    apply (rule "=dfI"(2)[OF q0_def])
6457     apply (fact "log-prop-prop:2")
6458    by (fact AOT)
6459  AOT_hence q0_prop_1: 𝒜¬q0
6460    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6461  {
6462    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6463    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6464      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6465    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6466      using Aux_C[THEN "→E", OF q0_prop_1].
6467    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6468      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6469    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6470               x([F]x  z [F]z & q0  ¬q0]x)
6471      using 2 "&I" by blast
6472    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6473      by (rule "∃I"(1)) "cqt:2[lambda]"
6474  }
6475  moreover {
6476    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6477    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6478      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6479    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6480      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6481    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6482      by (rule "∃I"(1)) "cqt:2[lambda]"
6483  }
6484  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6485    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6486qed
6487
6488AOT_theorem "oa-contingent:1": O!  A!
6489proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6490  fix x
6491  AOT_assume 1: O! = A!
6492  AOT_hence x E!x] = A!
6493    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6494  AOT_hence x E!x] = x ¬E!x]
6495    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6496  moreover AOT_have x E!x]x  E!x
6497    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6498  ultimately AOT_have x ¬E!x]x  E!x
6499    using "rule=E" by fast
6500  moreover AOT_have x ¬E!x]x  ¬E!x
6501    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6502  ultimately AOT_have E!x  ¬E!x
6503    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6504  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6505    using "oth-class-taut:3:c" "&I" by blast
6506qed
6507
6508AOT_theorem "oa-contingent:2": O!x  ¬A!x
6509proof -
6510  AOT_have O!x  x E!x]x
6511    apply (rule "≡I"; rule "→I")
6512     apply (rule "=dfE"(2)[OF AOT_ordinary])
6513      apply "cqt:2[lambda]"
6514     apply argo
6515    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6516     apply "cqt:2[lambda]"
6517    by argo
6518  also AOT_have   E!x
6519    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6520  also AOT_have   ¬¬E!x
6521    using "oth-class-taut:3:b".
6522  also AOT_have   ¬x ¬E!x]x
6523    by (rule "beta-C-meta"[THEN "→E",
6524              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6525       "cqt:2"
6526  also AOT_have   ¬A!x
6527    apply (rule "≡I"; rule "→I")
6528     apply (rule "=dfI"(2)[OF AOT_abstract])
6529      apply "cqt:2[lambda]"
6530     apply argo
6531    apply (rule "=dfE"(2)[OF AOT_abstract])
6532     apply "cqt:2[lambda]"
6533    by argo
6534  finally show ?thesis.
6535qed
6536
6537AOT_theorem "oa-contingent:3": A!x  ¬O!x
6538  by (AOT_subst A!x ¬¬A!x)
6539     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6540         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6541
6542AOT_theorem "oa-contingent:4": Contingent(O!)
6543proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6544       rule "&I")
6545  AOT_have x E!x using "thm-cont-e:3" .
6546  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6547  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6548  AOT_hence x E!x]a
6549    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6550  AOT_hence O!a
6551    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6552  AOT_hence x O!x using "∃I" by blast
6553  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6554next
6555  AOT_obtain a where A!a
6556    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6557  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6558  AOT_hence x ¬O!x using "∃I" by fast
6559  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6560qed
6561
6562AOT_theorem "oa-contingent:5": Contingent(A!)
6563proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6564       rule "&I")
6565  AOT_obtain a where A!a
6566    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6567  AOT_hence x A!x using "∃I" by fast
6568  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6569next
6570  AOT_have x E!x using "thm-cont-e:3" .
6571  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6572  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6573  AOT_hence x E!x]a
6574    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6575  AOT_hence O!a
6576    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6577  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6578  AOT_hence x ¬A!x using "∃I" by fast
6579  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6580qed
6581
6582AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6583proof -
6584  AOT_have O!x  ¬A!x
6585    using "oa-contingent:2" by blast
6586  also AOT_have   A!-x
6587    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6588  finally AOT_have 1: O!x  A!-x.
6589
6590  AOT_have A!x  ¬O!x
6591    using "oa-contingent:3" by blast
6592  also AOT_have   O!-x
6593    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6594  finally AOT_have 2: A!x  O!-x.
6595
6596  AOT_show O!-x  ¬A!-x
6597    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6598          "oa-contingent:3"[of _ x] 2[symmetric]
6599          "≡E"(5) by blast
6600qed
6601
6602AOT_theorem "oa-contingent:6": O!-  A!-
6603proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6604  AOT_assume 1: O!- = A!-
6605  fix x
6606  AOT_have A!-x  O!-x
6607    apply (rule "rule=E"[rotated, OF 1])
6608    by (fact "oth-class-taut:3:a")
6609  AOT_hence A!-x  ¬A!-x
6610    using "oa-contingent:7" "≡E" by fast
6611  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6612    using "oth-class-taut:3:c" "&I" by blast
6613qed
6614
6615AOT_theorem "oa-contingent:8": Contingent(O!-)
6616  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6617          OF "oa-contingent:4"].
6618
6619AOT_theorem "oa-contingent:9": Contingent(A!-)
6620  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6621          OF "oa-contingent:5"].
6622
6623AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6624  "df-cont-nec":
6625  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6626
6627AOT_theorem "cont-nec-fact1:1":
6628  WeaklyContingent([F])  WeaklyContingent([F]-)
6629proof -
6630  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6631    using "df-cont-nec"[THEN "≡Df"] by blast
6632  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6633    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6634    using "thm-cont-prop:3".
6635  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6636  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6637         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6638    fix x
6639    AOT_assume 0: x ([F]x  [F]x)
6640    AOT_assume 1: [F]-x
6641    AOT_have ¬[F]x
6642      by (AOT_subst (reverse) ¬[F]x [F]-x)
6643         (auto simp add: "thm-relation-negation:1" 1)
6644    AOT_hence 2: ¬[F]x
6645      using "KBasic:11"[THEN "≡E"(2)] by blast
6646    AOT_show [F]-x
6647    proof (rule "raa-cor:1")
6648      AOT_assume 3: ¬[F]-x
6649      AOT_have ¬¬[F]x
6650        by (AOT_subst (reverse) ¬[F]x [F]-x)
6651           (auto simp add: "thm-relation-negation:1" 3)
6652      AOT_hence [F]x
6653        using "conventions:5"[THEN "≡dfI"] by simp
6654      AOT_hence [F]x using 0 "∀E" "→E" by fast
6655      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6656    qed
6657  next
6658    fix x
6659    AOT_assume 0: x ([F]-x  [F]-x)
6660    AOT_assume 1: [F]x
6661    AOT_have ¬[F]-x
6662      by (AOT_subst ¬[F]-x [F]x)
6663         (auto simp: "thm-relation-negation:2" 1)
6664    AOT_hence 2: ¬[F]-x
6665      using "KBasic:11"[THEN "≡E"(2)] by blast
6666    AOT_show [F]x
6667    proof (rule "raa-cor:1")
6668      AOT_assume 3: ¬[F]x
6669      AOT_have ¬¬[F]-x
6670        by (AOT_subst ¬[F]-x [F]x)
6671           (auto simp add: "thm-relation-negation:2" 3)
6672      AOT_hence [F]-x
6673        using "conventions:5"[THEN "≡dfI"] by simp
6674      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6675      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6676    qed
6677  qed
6678  also AOT_have   WeaklyContingent([F]-)
6679    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6680  finally show ?thesis.
6681qed
6682
6683AOT_theorem "cont-nec-fact1:2":
6684  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6685proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6686  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6687  AOT_hence WeaklyContingent([F]) using "&E" by blast
6688  moreover AOT_assume F = G
6689  ultimately AOT_have WeaklyContingent([G])
6690    using "rule=E" by blast
6691  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6692    using 1 "&I" "&E" by blast
6693qed
6694
6695AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6696proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6697  AOT_show Contingent(O!)
6698    using "oa-contingent:4".
6699next
6700  AOT_show x ([O!]x  [O!]x)
6701    apply (rule GEN; rule "→I")
6702    using "oa-facts:5"[THEN "≡E"(1)] by blast
6703qed
6704
6705
6706AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6707proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6708  AOT_show Contingent(A!)
6709    using "oa-contingent:5".
6710next
6711  AOT_show x ([A!]x  [A!]x)
6712    apply (rule GEN; rule "→I")
6713    using "oa-facts:6"[THEN "≡E"(1)] by blast
6714qed
6715
6716AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6717proof (rule "df-cont-nec"[THEN "≡Df",
6718                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6719                          THEN "≡E"(2)];
6720       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6721  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6722  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6723  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6724  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6725  moreover AOT_assume x ([E!]x  [E!]x)
6726  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6727  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6728  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6729  moreover AOT_have ¬𝒜E!a
6730    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6731  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6732  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6733qed
6734
6735AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6736  apply (rule "df-cont-nec"[THEN "≡Df",
6737                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6738                            THEN "≡E"(2)];
6739       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6740  apply (rule "contingent-properties:4"
6741                [THEN "≡Df",
6742                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6743                 THEN "≡E"(2)])
6744  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6745         rule "∨I"(2);
6746         rule "useful-tautologies:2"[THEN "→E"])
6747  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6748
6749(* TODO: cleanup *)
6750AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6751proof -
6752  AOT_have 1: L
6753    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6754  {
6755    fix φ and Π Π' :: <κ>
6756    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6757    proof (rule "raa-cor:2")
6758      AOT_assume φ{Π'}  φ{Π}
6759      AOT_hence φ{Π'} using that(1) "≡E" by blast
6760      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6761    qed
6762    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6763      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6764                                 OF that(1,2), OF A[OF that(3, 4)]].
6765  } note 0 = this
6766  show ?thesis
6767    apply(safe intro!: "&I"; rule 0)
6768    using "cqt:2[concrete]"[axiom_inst] apply blast
6769    using "oa-exist:1" apply blast
6770    using "cont-nec-fact2:3" apply fast
6771    apply (rule "useful-tautologies:2"[THEN "→E"])
6772    using "cont-nec-fact2:1" apply fast
6773    using "rel-neg-T:3" apply fast
6774    using "oa-exist:1" apply blast
6775    using "cont-nec-fact1:1"[unvarify F,
6776            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6777            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6778            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6779    apply (rule "useful-tautologies:2"[THEN "→E"])
6780    using "cont-nec-fact2:1" apply blast
6781    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6782    using "oa-exist:1" apply fast
6783    using "cont-nec-fact2:4" apply fast
6784    apply (rule "useful-tautologies:2"[THEN "→E"])
6785    using "cont-nec-fact2:1" apply fast
6786    using "rel-neg-T:3" apply fast
6787    using "oa-exist:1" apply fast
6788     apply (rule "cont-nec-fact1:1"[unvarify F,
6789                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6790                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6791    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6792    apply (rule "useful-tautologies:2"[THEN "→E"])
6793    using "cont-nec-fact2:1" by blast
6794qed
6795
6796(* TODO: cleanup together with above *)
6797AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6798proof -
6799  AOT_have 1: L
6800    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6801  {
6802    fix φ and Π Π' :: <κ>
6803    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6804    proof (rule "raa-cor:2")
6805      AOT_assume φ{Π'}  φ{Π}
6806      AOT_hence φ{Π'} using that(1) "≡E" by blast
6807      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6808    qed
6809    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6810      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6811              OF that(1,2), OF A[OF that(3, 4)]].
6812  } note 0 = this
6813  show ?thesis
6814    apply(safe intro!: "&I"; rule 0)
6815    using "cqt:2[concrete]"[axiom_inst] apply blast
6816    using "oa-exist:2" apply blast
6817    using "cont-nec-fact2:3" apply fast
6818    apply (rule "useful-tautologies:2"[THEN "→E"])
6819    using "cont-nec-fact2:2" apply fast
6820    using "rel-neg-T:3" apply fast
6821    using "oa-exist:2" apply blast
6822    using "cont-nec-fact1:1"[unvarify F,
6823            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6824            rotated, OF "cont-nec-fact2:3",
6825            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6826    apply (rule "useful-tautologies:2"[THEN "→E"])
6827    using "cont-nec-fact2:2" apply blast
6828    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6829    using "oa-exist:2" apply fast
6830    using "cont-nec-fact2:4" apply fast
6831    apply (rule "useful-tautologies:2"[THEN "→E"])
6832    using "cont-nec-fact2:2" apply fast
6833    using "rel-neg-T:3" apply fast
6834    using "oa-exist:2" apply fast
6835     apply (rule "cont-nec-fact1:1"[unvarify F,
6836              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6837              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6838     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6839    apply (rule "useful-tautologies:2"[THEN "→E"])
6840    using "cont-nec-fact2:2" by blast
6841qed
6842
6843AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6844  Δp df p  (¬𝒜p & p)
6845
6846AOT_theorem sixteen:
6847 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6848  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6849    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6850    F1  F14 & F1  F15 & F1  F16 &
6851  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6852    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6853    F2  F15 & F2  F16 &
6854  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6855    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6856  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6857    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6858  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6859    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6860  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6861    F6  F14 & F6  F15 & F6  F16 &
6862  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6863    F7  F15 & F7  F16 &
6864  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6865    F8  F16 &
6866  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6867  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6868  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6869  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6870  F13  F14 & F13  F15 & F13  F16 &
6871  F14  F15 & F14  F16 &
6872  F15  F16) 
6873proof -
6874  AOT_have Delta_pos: Δφ  φ for φ
6875  proof(rule "→I")
6876    AOT_assume Δφ
6877    AOT_hence φ  (¬𝒜φ & φ)
6878      using "≡dfE"[OF necessary_or_contingently_false] by blast
6879    moreover {
6880      AOT_assume φ
6881      AOT_hence φ
6882        by (metis "B◇" "T◇" "vdash-properties:10")
6883    }
6884    moreover {
6885      AOT_assume ¬𝒜φ & φ
6886      AOT_hence φ
6887        using "&E" by blast
6888    }
6889    ultimately AOT_show φ
6890      by (metis "∨E"(2) "raa-cor:1") 
6891  qed
6892
6893  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6894    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6895          "raa-cor:3" that(1,2) by blast
6896  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6897    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6898  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6899    using Delta_pos "modus-tollens:1" that by blast
6900  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6901    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6902  AOT_have nec_delta: Δφ if φ for φ
6903    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6904
6905  AOT_obtain a where a_prop: A!a
6906    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6907  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6908    using "pos-not-pna:3" using "∃E"[rotated] by blast
6909
6910  AOT_have b_ord: [O!]b
6911  proof(rule "=dfI"(2)[OF AOT_ordinary])
6912    AOT_show x [E!]x] by "cqt:2[lambda]"
6913  next
6914    AOT_show x [E!]x]b
6915    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6916      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6917      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
6918    qed
6919  qed
6920
6921  AOT_have nec_not_L_neg: ¬[L-]x for x
6922    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
6923          CBF[THEN "→E"] "∀E" by blast
6924  AOT_have nec_L: [L]x for x
6925    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
6926      CBF[THEN "→E"] "∀E" by blast
6927
6928  AOT_have act_ord_b: 𝒜[O!]b
6929    using b_ord "≡E"(1) "oa-facts:7" by blast
6930  AOT_have delta_ord_b: Δ[O!]b
6931    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
6932              "oa-facts:1" "→E")
6933  AOT_have not_act_ord_a: ¬𝒜[O!]a
6934    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
6935  AOT_have not_delta_ord_a: ¬Δ[O!]a
6936    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
6937              "reductio-aa:1" "→E")
6938
6939  AOT_have not_act_abs_b: ¬𝒜[A!]b
6940    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
6941  AOT_have not_delta_abs_b: ¬Δ[A!]b
6942  proof(rule "raa-cor:2")
6943    AOT_assume Δ[A!]b
6944    AOT_hence [A!]b
6945      by (metis Delta_pos "vdash-properties:10")
6946    AOT_thus [A!]b & ¬[A!]b
6947      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
6948                "oa-facts:4" "→E")
6949  qed
6950  AOT_have act_abs_a: 𝒜[A!]a
6951    using a_prop "≡E"(1) "oa-facts:8" by blast
6952  AOT_have delta_abs_a: Δ[A!]a
6953    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
6954              necessary_or_contingently_false)
6955
6956  AOT_have not_act_concrete_b: ¬𝒜[E!]b
6957    using b_prop "&E"(2) by blast
6958  AOT_have delta_concrete_b: Δ[E!]b
6959  proof (rule "≡dfI"[OF necessary_or_contingently_false];
6960         rule "∨I"(2); rule "&I")
6961    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
6962  next
6963    AOT_show [E!]b using b_prop "&E"(1) by blast
6964  qed
6965  AOT_have not_act_concrete_a: ¬𝒜[E!]a
6966  proof (rule "raa-cor:2")
6967    AOT_assume 𝒜[E!]a
6968    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
6969    AOT_have [A!]a by (simp add: a_prop)
6970    AOT_hence x ¬[E!]x]a
6971      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
6972    AOT_hence ¬[E!]a using "β→C"(1) by blast
6973    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6974  qed
6975  AOT_have not_delta_concrete_a: ¬Δ[E!]a
6976  proof (rule "raa-cor:2")
6977    AOT_assume Δ[E!]a
6978    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
6979    AOT_have [A!]a by (simp add: a_prop)
6980    AOT_hence x ¬[E!]x]a
6981      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6982    AOT_hence ¬[E!]a using "β→C"(1) by blast
6983    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6984  qed
6985
6986  AOT_have not_act_q_zero: ¬𝒜q0
6987    by (meson "log-prop-prop:2" "pos-not-pna:1"
6988              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
6989  AOT_have delta_q_zero: Δq0
6990  proof(rule "≡dfI"[OF necessary_or_contingently_false];
6991        rule "∨I"(2); rule "&I")
6992    AOT_show ¬𝒜q0 using not_act_q_zero.
6993    AOT_show q0 by (meson "&E"(1) q0_prop)
6994  qed
6995  AOT_have act_not_q_zero: 𝒜¬q0
6996    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
6997  AOT_have not_delta_not_q_zero: ¬Δ¬q0
6998    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
6999          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
7000
7001  AOT_have [L-] by (simp add: "rel-neg-T:3")
7002  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
7003  proof (safe intro!: "&I")
7004    AOT_show ¬𝒜[L-]b
7005      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
7006                nec_not_L_neg "→E")
7007    AOT_show ¬Δ[L-]b
7008      by (meson Delta_pos "KBasic2:1" "≡E"(1)
7009                "modus-tollens:1" nec_not_L_neg)
7010    AOT_show ¬𝒜[L-]a
7011      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
7012                "nec-imp-act" nec_not_L_neg "→E")
7013    AOT_show ¬Δ[L-]a
7014      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
7015            nec_not_L_neg by blast
7016  qed
7017  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
7018    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7019  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
7020    using "&E" by blast+
7021  note props = this
7022
7023  let  = "«y [A!]y & q0]»"
7024  AOT_modally_strict {
7025    AOT_have [«»] by "cqt:2[lambda]"
7026  } note 1 = this
7027  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7028  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
7029    AOT_show ¬𝒜([A!]b & q0)
7030      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7031  next AOT_show ¬Δ([A!]b & q0)
7032      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7033                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7034  next AOT_show ¬𝒜([A!]a & q0)
7035      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7036            "raa-cor:3" by blast
7037  next AOT_show Δ([A!]a & q0)
7038    proof (rule not_act_and_pos_delta)
7039      AOT_show ¬𝒜([A!]a & q0)
7040        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7041              "raa-cor:3" by blast
7042    next AOT_show ([A!]a & q0)
7043        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7044                  "≡E"(1) "oa-facts:6" q0_prop)
7045    qed
7046  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7047  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7048    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7049  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7050    using "&E" by blast+
7051  note props = props this
7052
7053  let  = "«y [A!]y & ¬q0]»"
7054  AOT_modally_strict {
7055    AOT_have [«»] by "cqt:2[lambda]"
7056  } note 1 = this
7057  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7058  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7059    AOT_show ¬𝒜([A!]b & ¬q0)
7060      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7061  next AOT_show ¬Δ([A!]b & ¬q0)
7062      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7063                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7064  next AOT_show 𝒜([A!]a & ¬q0)
7065      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7066                "≡E"(3) not_act_q_zero "raa-cor:3")
7067  next AOT_show ¬Δ([A!]a & ¬q0)
7068    proof (rule act_and_not_nec_not_delta)
7069      AOT_show 𝒜([A!]a & ¬q0)
7070        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7071                  "≡E"(3) not_act_q_zero "raa-cor:3")
7072    next
7073      AOT_show ¬([A!]a & ¬q0)
7074        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7075                  q0_prop "raa-cor:3")
7076    qed
7077  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7078  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7079    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7080  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7081    using "&E" by blast+
7082  note props = props this
7083
7084  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7085    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7086    by presburger
7087  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7088    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7089  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7090    using "&E" by blast+
7091  note props = props this
7092
7093  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7094    by (meson "&I" delta_concrete_b not_act_concrete_a
7095              not_act_concrete_b not_delta_concrete_a)
7096  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7097    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7098    by fastforce
7099  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7100    using "&E" by blast+
7101  note props = props this
7102
7103  AOT_modally_strict {
7104    AOT_have y q0] by "cqt:2[lambda]"
7105  } note 1 = this
7106  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7107    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7108       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7109  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7110    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7111    by fastforce
7112  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7113    using "&E" by blast+
7114  note props = props this
7115
7116  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7117  AOT_modally_strict {
7118    AOT_have [«»] by "cqt:2[lambda]"
7119  } note 1 = this
7120  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7121  proof(safe intro!: "&I";
7122        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7123    AOT_have 𝒜¬([A!]b & ¬q0)
7124      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7125                "≡E"(1) "raa-cor:3")
7126    moreover AOT_have ¬𝒜[E!]b
7127      using b_prop "&E"(2) by blast
7128    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7129      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7130    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7131      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7132         (auto simp: "oth-class-taut:5:d" 2)
7133    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7134      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7135  next
7136    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7137    proof (rule not_act_and_pos_delta)
7138      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7139        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7140                  "Conjunction Simplification"(1) "≡E"(4)
7141                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7142    next
7143      AOT_show ([E!]b  ([A!]b & ¬q0))
7144        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7145    qed
7146  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7147      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7148                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7149  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7150    proof (rule act_and_not_nec_not_delta)
7151      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7152        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7153                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7154    next
7155      AOT_have ¬[E!]a
7156        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7157                  necessary_or_contingently_false
7158                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7159      moreover AOT_have ¬([A!]a & ¬q0)
7160        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7161                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7162      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7163        by (metis "KBasic:16" "&I" "vdash-properties:10")
7164      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7165        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7166      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7167        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7168    qed
7169  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7170  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7171    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7172  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7173    using "&E" by blast+
7174  note props = props this
7175
7176  let  = "«y [A!]y  [E!]y]»"
7177  AOT_modally_strict {
7178    AOT_have [«»] by "cqt:2[lambda]"
7179  } note 1 = this
7180  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7181  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7182    AOT_show ¬𝒜([A!]b  [E!]b)
7183      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7184            not_act_concrete_b "raa-cor:3" by blast
7185  next AOT_show Δ([A!]b  [E!]b)
7186    proof (rule not_act_and_pos_delta)
7187      AOT_show ¬𝒜([A!]b  [E!]b)
7188        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7189              not_act_concrete_b "raa-cor:3" by blast
7190    next AOT_show ([A!]b  [E!]b)
7191        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7192    qed
7193  next AOT_show 𝒜([A!]a  [E!]a)
7194      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7195  next AOT_show Δ([A!]a  [E!]a)
7196    proof (rule nec_delta)
7197      AOT_show ([A!]a  [E!]a)
7198        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7199                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7200    qed
7201  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7202  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7203    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7204  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7205    using "&E" by blast+
7206  note props = props this
7207
7208  let  = "«y [O!]y & ¬[E!]y]»"
7209  AOT_modally_strict {
7210    AOT_have [«»] by "cqt:2[lambda]"
7211  } note 1 = this
7212  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7213  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7214    AOT_show 𝒜([O!]b & ¬[E!]b)
7215      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7216                "≡E"(3) not_act_concrete_b "raa-cor:3")
7217  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7218      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7219                act_and_not_nec_not_delta "act-conj-act:3"
7220                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7221                "df-rules-formulas[3]"
7222                "≡E"(3) "raa-cor:1" "→E")
7223  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7224      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7225  next AOT_have ¬([O!]a & ¬[E!]a)
7226      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7227                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7228    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7229      by (rule impossible_delta)
7230  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7231  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7232    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7233  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7234    using "&E" by blast+
7235  note props = props this
7236
7237  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7238  AOT_modally_strict {
7239    AOT_have [«»] by "cqt:2[lambda]"
7240  } note 1 = this
7241  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7242  proof(safe intro!: "&I";
7243        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7244    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7245      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7246                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7247  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7248    proof (rule act_and_pos_not_not_delta)
7249      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7250        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7251                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7252    next
7253      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7254      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7255        AOT_modally_strict {
7256          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7257            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7258                      "→I" "≡I" "reductio-aa:1")
7259        }
7260      next
7261        AOT_show ([E!]b  ¬([O!]b  q0))
7262          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7263                "raa-cor:3" by blast
7264       qed
7265     qed
7266   next
7267     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7268       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7269             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7270   next
7271     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7272     proof (rule not_act_and_pos_delta)
7273       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7274         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7275                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7276     next
7277       AOT_have ¬[E!]a
7278         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7279               not_delta_concrete_a "raa-cor:5" by blast
7280       moreover AOT_have ([O!]a  q0)
7281         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7282       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7283         by (metis "KBasic:16" "&I" "vdash-properties:10")
7284     qed
7285   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7286  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7287    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7288  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7289    using "&E" by blast+
7290  note props = props this
7291
7292  AOT_modally_strict {
7293    AOT_have y ¬q0] by "cqt:2[lambda]"
7294  } note 1 = this
7295  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7296    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7297       (auto simp: act_not_q_zero not_delta_not_q_zero
7298                   "beta-C-meta"[THEN "→E", OF 1])
7299  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7300    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7301  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7302    using "&E" by blast+
7303  note props = props this
7304
7305  AOT_modally_strict {
7306    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7307  } note 1 = this
7308  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7309                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7310  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7311    AOT_show 𝒜¬[E!]b
7312      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7313  next AOT_show ¬Δ¬[E!]b
7314      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7315            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7316  next AOT_show 𝒜¬[E!]a
7317      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7318  next AOT_show Δ¬[E!]a
7319      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7320            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7321      by blast
7322  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7323  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7324    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7325  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7326    using "&E" by blast+
7327  note props = props this
7328
7329  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7330    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7331  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7332    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7333  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7334    using "&E" by blast+
7335  note props = props this
7336
7337  let  = "«y [O!]y  q0]»"
7338  AOT_modally_strict {
7339    AOT_have [«»] by "cqt:2[lambda]"
7340  } note 1 = this
7341  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7342  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7343    AOT_show 𝒜([O!]b  q0)
7344      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7345  next AOT_show Δ([O!]b  q0)
7346      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7347  next AOT_show ¬𝒜([O!]a  q0)
7348      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7349            not_act_q_zero "raa-cor:3" by blast
7350  next AOT_show Δ([O!]a  q0)
7351    proof (rule not_act_and_pos_delta)
7352      AOT_show ¬𝒜([O!]a  q0)
7353        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7354              not_act_q_zero "raa-cor:3" by blast
7355    next AOT_show ([O!]a  q0)
7356        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7357    qed
7358  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7359  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7360    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7361  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7362    using "&E" by blast+
7363  note props = props this
7364
7365  let  = "«y [O!]y  ¬q0]»"
7366  AOT_modally_strict {
7367     AOT_have [«»] by "cqt:2[lambda]"
7368  } note 1 = this
7369  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7370  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7371    AOT_show 𝒜([O!]b  ¬q0)
7372      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7373  next AOT_show Δ([O!]b  ¬q0)
7374      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7375  next AOT_show 𝒜([O!]a  ¬q0)
7376      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7377  next AOT_show ¬Δ([O!]a  ¬q0)
7378    proof(rule act_and_pos_not_not_delta)
7379      AOT_show 𝒜([O!]a  ¬q0)
7380        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7381    next
7382      AOT_have ¬[O!]a
7383        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7384              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7385      moreover AOT_have q0
7386        by (meson "&E"(1) q0_prop)
7387      ultimately AOT_have 2: (¬[O!]a & q0)
7388         by (metis "KBasic:16" "&I" "vdash-properties:10")
7389      AOT_show ¬([O!]a  ¬q0)
7390      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7391        AOT_modally_strict {
7392          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7393            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7394                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7395        }
7396      next
7397        AOT_show (¬[O!]a & q0)
7398          using "2" by blast
7399      qed
7400    qed
7401  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7402  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7403    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7404  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7405    using "&E" by blast+
7406  note props = props this
7407
7408  AOT_have [L]
7409    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7410  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7411  proof (safe intro!: "&I")
7412    AOT_show 𝒜[L]b
7413      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7414    next AOT_show Δ[L]b using nec_L nec_delta by blast
7415    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7416    next AOT_show Δ[L]a using nec_L nec_delta by blast
7417  qed
7418  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7419    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7420  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7421    using "&E" by blast+
7422  note props = props this
7423
7424  show ?thesis
7425    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7426        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7427        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7428        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7429        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7430        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7431        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7432        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7433        safe intro!: "&I")
7434       (match conclusion in "[?v  [F]  [G]]" for F G  7435        match props in A: "[?v  ¬φ{F}]" for φ 7436        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7437        match props in B: "[?v  φ{G}]" 7438        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7439                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7440                                OF "Disjunction Addition"(2)[THEN "→E"],
7441                                OF "&I", OF A, OF B]››››)+
7442qed
7443
7444subsection‹The Theory of Objects›
7445text‹\label{PLM: 9.11}›
7446
7447AOT_theorem "o-objects-exist:1": x O!x
7448proof(rule RN)
7449  AOT_modally_strict {
7450    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7451      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7452      by blast
7453    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7454    AOT_have x [E!]x]a
7455    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7456      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7457    next
7458      AOT_show E!a by (fact 1)
7459    qed
7460    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7461    AOT_thus x [O!]x by (rule "∃I")
7462  }
7463qed
7464
7465AOT_theorem "o-objects-exist:2": x A!x
7466proof (rule RN)
7467  AOT_modally_strict {
7468    AOT_obtain a where [A!]a
7469      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7470    AOT_thus x A!x using "∃I" by blast
7471  }
7472qed
7473
7474AOT_theorem "o-objects-exist:3": ¬x O!x
7475  by (rule RN)
7476     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7477        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7478        "qml:2"[axiom_inst] "reductio-aa:2")
7479
7480AOT_theorem "o-objects-exist:4": ¬x A!x
7481  by (rule RN)
7482     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7483        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7484        "qml:2"[axiom_inst] "→E")
7485
7486AOT_theorem "o-objects-exist:5": ¬x E!x
7487proof (rule RN; rule "raa-cor:2")
7488  AOT_modally_strict {
7489    AOT_assume x E!x
7490    moreover AOT_obtain a where abs: A!a
7491      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7492            "∃E"[rotated] by blast
7493    ultimately AOT_have E!a using "∀E" by blast
7494    AOT_hence 1: E!a by (metis "T◇" "→E")
7495    AOT_have y E!y]a
7496    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7497      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7498    next
7499      AOT_show E!a by (fact 1)
7500    qed
7501    AOT_hence O!a
7502      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7503    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7504    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7505  }
7506qed
7507
7508AOT_theorem partition: ¬x (O!x & A!x)
7509proof(rule "raa-cor:2")
7510  AOT_assume x (O!x & A!x)
7511  then AOT_obtain a where O!a & A!a
7512    using "∃E"[rotated] by blast
7513  AOT_thus p & ¬p for p
7514    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7515              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7516qed
7517
7518AOT_define eq_E :: ‹Π› ("'(=E')")
7519  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7520
7521syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7522translations
7523  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7524(* TODO: try to replace by a simple translations pattern *)
7525print_translation7526AOT_syntax_print_translations
7527[(const_syntax‹AOT_exe›, fn ctxt => fn [
7528  Const ("constAOT_PLM.eq_E", _),
7529  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7530] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7531
7532text‹Note: Not explicitly mentioned as theorem in PLM.›
7533AOT_theorem "=E[denotes]": [(=E)]
7534  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7535
7536AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7537proof -
7538  (* TODO: rethink the product hacks *)
7539  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7540    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7541  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7542  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7543    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)", OF 0]
7544    by fast
7545qed
7546
7547AOT_theorem "=E-simple:2": x =E y  x = y
7548proof (rule "→I")
7549  AOT_assume x =E y
7550  AOT_hence O!x & O!y & F ([F]x  [F]y)
7551    using "=E-simple:1"[THEN "≡E"(1)] by blast
7552  AOT_thus x = y
7553    using "≡dfI"[OF "identity:1"] "∨I" by blast
7554qed
7555
7556AOT_theorem "id-nec3:1": x =E y  (x =E y)
7557proof (rule "≡I"; rule "→I")
7558  AOT_assume x =E y
7559  AOT_hence O!x & O!y & F ([F]x  [F]y)
7560    using "=E-simple:1" "≡E" by blast
7561  AOT_hence O!x & O!y & F ([F]x  [F]y)
7562    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7563              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7564  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7565    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7566  AOT_thus (x =E y)
7567    using "=E-simple:1"
7568    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7569next
7570  AOT_assume (x =E y)
7571  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7572qed
7573
7574AOT_theorem "id-nec3:2": (x =E y)  x =E y
7575  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7576
7577AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7578  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7579
7580syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7581translations
7582  (Π) "(≠E)" == (Π) "(=E)-"
7583syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7584translations
7585 "_AOT_non_eq_E_infix κ κ'" ==
7586 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7587(* TODO: try replacing be a simple translations pattern *)
7588print_translation7589AOT_syntax_print_translations
7590[(const_syntax‹AOT_exe›, fn ctxt => fn [
7591  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7592  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7593] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7594AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7595proof -
7596  (* TODO: try to avoid the product hacks *)
7597  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7598    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7599  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7600  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7601    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7602       (meson "oth-class-taut:3:a")
7603  also AOT_have   ¬(=E)xy
7604    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
7605     apply "cqt:2[lambda]"
7606    by (fact 0)
7607  finally show ?thesis.
7608qed
7609
7610AOT_theorem "id-nec4:1": x E y  (x E y)
7611proof -
7612  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7613  also AOT_have   ¬(x =E y)
7614    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7615  also AOT_have   ¬(x =E y)
7616    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7617  also AOT_have   (x E y)
7618    by (AOT_subst (reverse) ¬(x =E y) x E y)
7619       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7620  finally show ?thesis.
7621qed
7622
7623AOT_theorem "id-nec4:2": (x E y)  (x E y)
7624  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7625
7626AOT_theorem "id-nec4:3": (x E y)  (x E y)
7627  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7628
7629AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7630  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7631AOT_theorem "id-act2:2": x E y  𝒜x E y
7632  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7633
7634AOT_theorem "ord=Eequiv:1": O!x  x =E x
7635proof (rule "→I")
7636  AOT_assume 1: O!x
7637  AOT_show x =E x
7638    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7639    apply (rule "β←C"(1))
7640      apply "cqt:2[lambda]"
7641     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7642    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7643qed
7644
7645AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7646proof(rule CP)
7647  AOT_assume 1: x =E y
7648  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7649  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7650  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7651  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7652qed
7653
7654AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7655proof (rule CP)
7656  AOT_assume 1: x =E y & y =E z
7657  AOT_hence x = y & y = z
7658    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7659  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7660  moreover AOT_have x =E x
7661    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7662          "ord=Eequiv:1" "→E" by blast
7663  ultimately AOT_show x =E z
7664    using "rule=E" by fast
7665qed
7666
7667AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7668proof(rule CP)
7669  AOT_assume O!x  O!y
7670  moreover {
7671    AOT_assume O!x
7672    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7673    moreover {
7674      AOT_modally_strict {
7675        AOT_have O!x  (x = y  x =E y)
7676        proof (rule "→I"; rule "≡I"; rule "→I")
7677          AOT_assume O!x
7678          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7679          moreover AOT_assume x = y
7680          ultimately AOT_show x =E y using "rule=E" by fast
7681        next
7682          AOT_assume x =E y
7683          AOT_thus x = y by (metis "=E-simple:2" "→E")
7684        qed
7685      }
7686      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7687    }
7688    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7689  }
7690  moreover {
7691    AOT_assume O!y
7692    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7693    moreover {
7694      AOT_modally_strict {
7695        AOT_have O!y  (x = y  x =E y)
7696        proof (rule "→I"; rule "≡I"; rule "→I")
7697          AOT_assume O!y
7698          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7699          moreover AOT_assume x = y
7700          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7701        next
7702          AOT_assume x =E y
7703          AOT_thus x = y by (metis "=E-simple:2" "→E")
7704        qed
7705      }
7706      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7707    }
7708    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7709  }
7710  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7711qed
7712
7713AOT_theorem "ord-=E=:2": O!y  x x = y]
7714proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7715  AOT_show x x =E y] by "cqt:2[lambda]"
7716next
7717  AOT_assume O!y
7718  AOT_hence 1: (x = y  x =E y) for x
7719    using "ord-=E=:1" "→E" "∨I" by blast
7720  AOT_have (x =E y  x = y) for x
7721    by (AOT_subst x =E y  x = y x = y  x =E y)
7722       (auto simp add: "Commutativity of ≡" 1)
7723  AOT_hence x (x =E y  x = y) by (rule GEN)
7724  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7725qed
7726
7727
7728AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7729proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7730  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7731next
7732  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7733  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7734    AOT_modally_strict {
7735      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7736        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7737                  "modus-tollens:1" "raa-cor:1" that)
7738    }
7739  next
7740    AOT_modally_strict {
7741      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7742        apply(safe intro!: "&I")
7743          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7744         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7745        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7746              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7747        by fast
7748    }
7749  qed
7750qed
7751
7752AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7753proof(rule "→I")
7754  AOT_assume F ([F]x  [F]y)
7755  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7756  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7757    using "∀E" by blast
7758  moreover AOT_have x F ([F]x  [F]y)]y
7759    apply (rule "β←C"(1))
7760      apply "cqt:2[lambda]"
7761     apply (fact "cqt:2[const_var]"[axiom_inst])
7762    by (simp add: RN GEN "oth-class-taut:3:a")
7763  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7764  AOT_thus F ([F]x  [F]y)
7765    using "β→C"(1) by blast
7766qed
7767
7768AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7769proof (rule "→I"; rule "→I")
7770  AOT_assume F ([F]x  [F]y)
7771  AOT_hence F ([F]x  [F]y)
7772    using "ind-nec"[THEN "→E"] by blast
7773  moreover AOT_assume O!x & O!y
7774  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7775    using "&I" by blast
7776  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7777qed
7778
7779AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7780proof (rule "→I"; rule "→I")
7781  AOT_assume O!x & O!y
7782  moreover AOT_assume F ([F]x  [F]y)
7783  ultimately AOT_have x =E y
7784    using "ord=E:1" "→E" by blast
7785  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7786qed
7787
7788AOT_theorem "ord=E2:1":
7789  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7790proof (rule "→I"; rule "≡I"; rule "→I";
7791       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7792  AOT_assume 0: O!x & O!y
7793  AOT_assume x  y
7794  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7795  AOT_assume z z =E x] = z z =E y]
7796  moreover AOT_have z z =E x]x
7797    apply (rule "β←C"(1))
7798      apply "cqt:2[lambda]"
7799     apply (fact "cqt:2[const_var]"[axiom_inst])
7800    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7801  ultimately AOT_have z z =E y]x using "rule=E" by fast
7802  AOT_hence x =E y using "β→C"(1) by blast
7803  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7804  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7805next
7806  AOT_assume z z =E x]  z z =E y]
7807  AOT_hence 0: ¬(z z =E x] = z z =E y])
7808    using "≡dfE"[OF "=-infix"] by blast
7809  AOT_have z z =E x] by "cqt:2[lambda]"
7810  AOT_hence z z =E x] = z z =E x]
7811    by (metis "rule=I:1")
7812  moreover AOT_assume x = y
7813  ultimately AOT_have z z =E x] = z z =E y]
7814    using "rule=E" by fast
7815  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7816    using 0 "&I" by blast
7817qed
7818
7819AOT_theorem "ord=E2:2":
7820  (O!x & O!y)  (x  y  z z = x]  z z = y])
7821proof (rule "→I"; rule "≡I"; rule "→I";
7822       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7823  AOT_assume 0: O!x & O!y
7824  AOT_assume x  y
7825  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7826  AOT_assume z z = x] = z z = y]
7827  moreover AOT_have z z = x]x
7828    apply (rule "β←C"(1))
7829    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7830     apply (fact "cqt:2[const_var]"[axiom_inst])
7831    by (simp add: "id-eq:1")
7832  ultimately AOT_have z z = y]x using "rule=E" by fast
7833  AOT_hence x = y using "β→C"(1) by blast
7834  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7835next
7836  AOT_assume 0: O!x & O!y
7837  AOT_assume z z = x]  z z = y]
7838  AOT_hence 1: ¬(z z = x] = z z = y])
7839    using "≡dfE"[OF "=-infix"] by blast
7840  AOT_have z z = x]
7841    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7842  AOT_hence z z = x] = z z = x]
7843    by (metis "rule=I:1")
7844  moreover AOT_assume x = y
7845  ultimately AOT_have z z = x] = z z = y]
7846    using "rule=E" by fast
7847  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7848    using 1 "&I" by blast
7849qed
7850
7851AOT_theorem ordnecfail: O!x  ¬F x[F]
7852  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7853
7854AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7855proof (rule "→I"; rule "→I")
7856  AOT_assume 1: A!x & A!y
7857  AOT_assume F (x[F]  y[F])
7858  AOT_hence x[F]  y[F] for F using "∀E" by blast
7859  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7860  AOT_hence F (x[F]  y[F]) by (rule GEN)
7861  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7862  AOT_thus x = y
7863    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7864qed
7865
7866AOT_theorem "ab-obey:2":
7867  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7868proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7869  AOT_assume 1: x = y
7870  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7871  moreover {
7872    AOT_assume F (x[F] & ¬y[F])
7873    then AOT_obtain F where x[F] & ¬y[F]
7874      using "∃E"[rotated] by blast
7875    moreover AOT_have y[F]
7876      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7877    ultimately AOT_have p & ¬p for p
7878      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7879  }
7880  moreover {
7881    AOT_assume F (y[F] & ¬x[F])
7882    then AOT_obtain F where y[F] & ¬x[F]
7883      using "∃E"[rotated] by blast
7884    moreover AOT_have ¬y[F]
7885      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7886    ultimately AOT_have p & ¬p for p
7887      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7888  }
7889  ultimately AOT_show p & ¬p for p
7890    by (metis "∨E"(3) "raa-cor:1")
7891qed
7892
7893AOT_theorem "encoders-are-abstract": F x[F]  A!x
7894  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7895            "oa-contingent:3" "vdash-properties:1[2]")
7896
7897AOT_theorem "denote=:1": Hx x[H]
7898  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7899
7900AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7901  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7902
7903AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7904  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7905
7906AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7907  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7908
7909AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7910  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7911
7912AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7913  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7914        "Commutativity of ≡" "≡Df" by blast
7915
7916AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7917  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7918
7919AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7920  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7921
7922AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
7923  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
7924
7925AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
7926  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
7927
7928AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
7929proof (rule "uniqueness:1"[THEN "≡dfI"])
7930  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
7931    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
7932  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
7933  proof (rule "→I")
7934    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
7935    AOT_hence β[F]  φ{F} for F
7936      using "∀E" "&E" by blast
7937    AOT_hence β[F]  a[F] for F
7938      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
7939            "Commutativity of ≡" by fast
7940    AOT_hence F (β[F]  a[F]) by (rule GEN)
7941    AOT_thus β = a
7942      using "ab-obey:1"[THEN "→E",
7943                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
7944                THEN "→E"] by blast
7945  qed
7946  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
7947  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
7948                β ([A!]β & F (β[F]  φ{F})  β = α))
7949    using "∃I" using a_prop "&I" by fast
7950qed
7951
7952AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
7953  using "A-objects!" by fast
7954
7955AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
7956  using "A-objects!" by fast
7957
7958AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
7959  using "A-objects!" by fast
7960
7961AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
7962  using "A-objects!" by fast
7963
7964AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
7965  using "A-objects!" by fast
7966
7967AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
7968  using "A-objects!" by fast
7969
7970AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
7971  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
7972
7973AOT_act_theorem "thm-can-terms2":
7974  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
7975  using "y-in:2" by blast
7976
7977AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
7978proof(rule "→I")
7979  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
7980  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
7981    using "actual-desc:2"[THEN "→E"] by blast
7982  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
7983  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
7984qed
7985
7986AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7987proof -
7988  AOT_have ιx(A!x & F (x[F]  φ{F}))
7989    by (simp add: "A-descriptions")
7990  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
7991             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7992    using "y-in:3"[THEN "→E"] by blast
7993  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7994    using "&E" "∀E" by blast
7995qed
7996
7997AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
7998  using "desc-encode:1".
7999
8000AOT_theorem "desc-nec-encode:1":
8001  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8002proof -
8003  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
8004    by (simp add: "A-descriptions")
8005  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
8006             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
8007    using "actual-desc:4"[THEN "→E"] by blast
8008  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8009    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
8010  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8011    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
8012  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8013    using "∀E" by blast
8014  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8015    using "Act-Basic:5" "≡E"(1) by blast
8016  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8017    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
8018qed
8019
8020AOT_theorem "desc-nec-encode:2":
8021  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
8022  using "desc-nec-encode:1".
8023
8024AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
8025  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
8026     (meson "nec-imp-act" "vdash-properties:10")
8027
8028AOT_theorem "Box-desc-encode:2":
8029φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8030proof(rule CP)
8031  AOT_assume φ{G}
8032  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
8033  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8034  proof (rule RM; rule "→I")
8035    AOT_modally_strict {
8036      AOT_assume 1: φ{G}
8037      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8038        using "Box-desc-encode:1" "→E" by blast
8039      moreover AOT_have φ{G}
8040        using 1 by (meson "qml:2"[axiom_inst] "→E")
8041      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8042        using "→I" "≡I" by simp
8043    }
8044  qed
8045  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8046    using "→E" by blast
8047qed
8048
8049definition rigid_condition where
8050  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8051syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8052
8053AOT_theorem "strict-can:1[E]":
8054  assumes RIGID_CONDITION(φ)
8055  shows α (φ{α}  φ{α})
8056  using assms[unfolded rigid_condition_def] by auto
8057
8058AOT_theorem "strict-can:1[I]":
8059  assumes  α (φ{α}  φ{α})
8060  shows RIGID_CONDITION(φ)
8061  using assms rigid_condition_def by auto
8062
8063AOT_theorem "box-phi-a:1":
8064  assumes RIGID_CONDITION(φ)
8065  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8066proof (rule "→I")
8067  AOT_assume a: A!x & F (x[F]  φ{F})
8068  AOT_hence b: A!x
8069    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8070  AOT_have x[F]  φ{F} for F
8071    using a[THEN "&E"(2)] "∀E" by blast
8072  moreover AOT_have (x[F]  x[F]) for F
8073    by (meson "pre-en-eq:1[1]" RN)
8074  moreover AOT_have (φ{F}  φ{F}) for F
8075    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8076  ultimately AOT_have (x[F]  φ{F}) for F
8077    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8078  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8079  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8080  AOT_thus ([A!]x & F (x[F]  φ{F}))
8081    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8082qed
8083
8084AOT_theorem "box-phi-a:2":
8085  assumes RIGID_CONDITION(φ)
8086  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8087proof(rule "→I")
8088  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8089  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8090    using "actual-desc:2"[THEN "→E"] by fast
8091  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8092    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8093  AOT_hence F 𝒜(y[F]  φ{F})
8094    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8095  AOT_hence 𝒜(y[F]  φ{F}) for F
8096    using "∀E" by blast
8097  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8098    by (metis "Act-Basic:5" "≡E"(1)) 
8099  AOT_hence y[F]  φ{F} for F
8100    using "sc-eq-fur:2"[THEN "→E",
8101            OF "strict-can:1[E]"[OF assms,
8102                THEN "∀E"(2)[where β=F], THEN RN]]
8103    by (metis "en-eq:10[1]" "≡E"(6))
8104  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8105  AOT_thus [A!]y & F (y[F]  φ{F})
8106    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8107qed
8108
8109AOT_theorem "box-phi-a:3":
8110  assumes RIGID_CONDITION(φ)
8111  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8112  using "desc-nec-encode:2"
8113    "sc-eq-fur:2"[THEN "→E",
8114        OF "strict-can:1[E]"[OF assms,
8115          THEN "∀E"(2)[where β=F], THEN RN]]
8116    "≡E"(5) by blast
8117
8118AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8119  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8120
8121AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8122  "df-null-uni:2": Universal(x) df A!x & F x[F]
8123
8124AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8125proof (rule "uniqueness:1"[THEN "≡dfI"])
8126  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8127    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8128  AOT_have a_null: ¬a[F] for F
8129  proof (rule "raa-cor:2")
8130    AOT_assume a[F]
8131    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8132    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8133    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8134  qed
8135  AOT_have Null(a) & β (Null(β)  β = a)
8136  proof (rule "&I")
8137    AOT_have ¬F a[F]
8138      using a_null by (metis "instantiation" "reductio-aa:1")
8139    AOT_thus Null(a)
8140      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8141  next
8142    AOT_show β (Null(β)  β = a)
8143    proof (rule GEN; rule "→I")
8144      fix β
8145      AOT_assume a: Null(β)
8146      AOT_hence ¬F β[F]
8147        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8148      AOT_hence β_null: ¬β[F] for F
8149        by (metis "existential:2[const_var]" "reductio-aa:1")
8150      AOT_have F (β[F]  a[F])
8151        apply (rule GEN; rule "≡I"; rule CP)
8152        using "raa-cor:3" β_null a_null by blast+
8153      moreover AOT_have A!β
8154        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8155      ultimately AOT_show β = a
8156        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8157              "&I" by blast
8158    qed
8159  qed
8160  AOT_thus α (Null(α) & β (Null(β)  β = α))
8161    using "∃I"(2) by fast
8162qed
8163
8164AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8165proof (rule "uniqueness:1"[THEN "≡dfI"])
8166  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8167    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8168  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8169  AOT_hence Universal(a)
8170    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8171  moreover AOT_have β (Universal(β)  β = a)
8172  proof (rule GEN; rule "→I")
8173    fix β
8174    AOT_assume Universal(β)
8175    AOT_hence abs_β: A!β and β[F] for F
8176      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8177    AOT_hence β[F]  a[F] for F
8178      using aF by (metis "deduction-theorem" "≡I")
8179    AOT_hence F (β[F]  a[F]) by (rule GEN)
8180    AOT_thus β = a
8181      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8182            "&I" abs_β by blast
8183  qed
8184  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8185    using "&I" "∃I" by fast
8186qed
8187
8188AOT_theorem "null-uni-uniq:3": ιx Null(x)
8189  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8190
8191AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8192  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8193
8194AOT_define Null_object :: ‹κs (a)
8195  "df-null-uni-terms:1": a =df ιx Null(x)
8196
8197AOT_define Universal_object :: ‹κs (aV)
8198  "df-null-uni-terms:2": aV =df ιx Universal(x)
8199
8200AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8201proof (rule "→I")
8202  AOT_assume Null(x)
8203  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8204    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8205  AOT_have ¬x[F] for F using x_null
8206    using "existential:2[const_var]" "reductio-aa:1"
8207    by metis
8208  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8209  AOT_hence F ¬x[F] by (rule GEN)
8210  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8211  moreover AOT_have F ¬x[F]  ¬F x[F]
8212    apply (rule RM)
8213    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8214                           "→I" "reductio-aa:1" "rule-ui:1")
8215  ultimately AOT_have ¬F x[F]
8216    by (metis "→E")
8217  moreover AOT_have A!x using x_abs
8218    using "oa-facts:2" "vdash-properties:10" by blast
8219  ultimately AOT_have r: (A!x & ¬F x[F])
8220    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8221  AOT_show Null(x)
8222    by (AOT_subst Null(x) A!x & ¬F x[F])
8223       (auto simp: "df-null-uni:1" "≡Df" r)
8224qed  
8225
8226AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8227proof (rule "→I")
8228  AOT_assume Universal(x)
8229  AOT_hence x_abs: A!x and x_univ: F x[F]
8230    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8231  AOT_have x[F] for F using x_univ "∀E" by blast
8232  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8233  AOT_hence F x[F] by (rule GEN)
8234  AOT_hence F x[F] by (rule BF[THEN "→E"])
8235  moreover AOT_have A!x using x_abs
8236    using "oa-facts:2" "vdash-properties:10" by blast
8237  ultimately AOT_have r: (A!x & F x[F])
8238    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8239  AOT_show Universal(x)
8240    by (AOT_subst Universal(x) A!x & F x[F])
8241       (auto simp add: "df-null-uni:2" "≡Df" r)
8242qed
8243
8244AOT_theorem "null-uni-facts:3": Null(a)
8245  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8246   apply (simp add: "null-uni-uniq:3")
8247  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8248    "sc-eq-fur:2"[THEN "→E",
8249        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8250        THEN "≡E"(1)]
8251  by blast
8252
8253AOT_theorem "null-uni-facts:4": Universal(aV)
8254  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8255   apply (simp add: "null-uni-uniq:4")
8256  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8257    "sc-eq-fur:2"[THEN "→E",
8258        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8259        THEN "≡E"(1)]
8260  by blast
8261
8262AOT_theorem "null-uni-facts:5": a  aV
8263proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8264    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8265    rule "≡dfI"[OF "=-infix"];
8266    rule "raa-cor:2")
8267  AOT_obtain x where nullx: Null(x)
8268    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8269              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8270  AOT_hence act_null: 𝒜Null(x)
8271    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8272  AOT_assume ιx Null(x) = ιx Universal(x)
8273  AOT_hence 𝒜x(Null(x)  Universal(x))
8274    using "actual-desc:5"[THEN "→E"] by blast
8275  AOT_hence x 𝒜(Null(x)  Universal(x))
8276    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8277  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8278    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8279  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8280  AOT_hence Universal(x)
8281    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8282  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8283  moreover AOT_have ¬F x[F]
8284    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8285  ultimately AOT_show p & ¬p for p
8286    by (metis "cqt-further:1" "raa-cor:3" "→E")
8287qed
8288
8289AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8290proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8291  AOT_show ιx([A!]x & F (x[F]  F  F))
8292    by (simp add: "A-descriptions")
8293next
8294  AOT_show a
8295    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8296       (simp add: "null-uni-uniq:3")
8297next
8298  AOT_have ιx([A!]x & F (x[F]  F  F))
8299    by (simp add: "A-descriptions")
8300  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8301    using "rule=I:1" by blast
8302  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8303    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8304           rule "&I")
8305     apply (meson "≡dfE" "Conjunction Simplification"(1)
8306                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8307                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8308    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8309next
8310  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8311  proof (rule GEN)
8312    fix F
8313    AOT_have ¬a[F]
8314      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8315         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8316                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8317                "raa-cor:2" "rule-id-df:2:a[zero]"
8318                "russell-axiom[enc,1].ψ_denotes_asm")
8319    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8320    proof(rule "raa-cor:2")
8321      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8322      AOT_hence 𝒜(F  F)
8323        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8324      moreover AOT_have ¬𝒜(F  F)
8325        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8326              "=-infix" "raa-cor:3" by blast
8327      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8328    qed
8329    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8330      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8331  qed
8332qed
8333
8334AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8335proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8336  AOT_show ιx([A!]x & F (x[F]  F = F))
8337    by (simp add: "A-descriptions")
8338next
8339  AOT_show aV
8340    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8341       (simp add: "null-uni-uniq:4")
8342next
8343  AOT_have ιx([A!]x & F (x[F]  F = F))
8344    by (simp add: "A-descriptions")
8345  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8346    using "rule=I:1" by blast
8347  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8348    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8349           rule "&I")
8350     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8351                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8352                  "rule-id-df:2:a[zero]" "→E")
8353    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8354next
8355  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8356  proof (rule GEN)
8357    fix F
8358    AOT_have aV[F]
8359      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8360      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8361            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8362            "rule-ui:3" by blast
8363    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8364      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8365    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8366      using "deduction-theorem" "≡I" by simp
8367  qed
8368qed
8369
8370AOT_theorem "aclassical:1":
8371Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8372proof(rule GEN)
8373  fix R
8374  AOT_obtain a where a_prop:
8375    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8376    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8377  AOT_have a_enc: az [R]za]
8378  proof (rule "raa-cor:1")
8379    AOT_assume 0: ¬az [R]za]
8380    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8381      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8382                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8383                THEN "≡E"(1), rotated])
8384         "cqt:2[lambda]"
8385    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8386      using "cqt-further:4" "vdash-properties:10" by blast
8387    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8388      using "∀E" by blast
8389    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8390      by (metis "&I" "deduction-theorem" "raa-cor:3")
8391    moreover AOT_have z [R]za] = z [R]za]
8392      by (rule "=I") "cqt:2[lambda]"
8393    ultimately AOT_have az [R]za]
8394      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8395    AOT_thus az [R]za] & ¬az [R]za]
8396      using 0 "&I" by blast
8397  qed
8398  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8399    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8400       "cqt:2"
8401  then AOT_obtain b where b_prop:
8402    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8403    using "∃E"[rotated] by blast
8404  AOT_have a  b
8405    apply (rule "≡dfI"[OF "=-infix"])
8406    using a_enc b_prop[THEN "&E"(2)]
8407    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8408          "raa-cor:3" "reductio-aa:1" by fast
8409  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8410    using b_prop "&E" a_prop "&I" by meson
8411  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8412  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8413qed
8414
8415AOT_theorem "aclassical:2":
8416  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8417proof(rule GEN)
8418  fix R
8419  AOT_obtain a where a_prop:
8420    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8421    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8422  AOT_have a_enc: az [R]az]
8423  proof (rule "raa-cor:1")
8424    AOT_assume 0: ¬az [R]az]
8425    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8426      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8427                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8428                THEN "≡E"(1), rotated])
8429         "cqt:2[lambda]"
8430    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8431      using "cqt-further:4" "vdash-properties:10" by blast
8432    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8433      using "∀E" by blast
8434    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8435      by (metis "&I" "deduction-theorem" "raa-cor:3")
8436    moreover AOT_have z [R]az] = z [R]az]
8437      by (rule "=I") "cqt:2[lambda]"
8438    ultimately AOT_have az [R]az]
8439      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8440    AOT_thus az [R]az] & ¬az [R]az]
8441      using 0 "&I" by blast
8442  qed
8443  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8444    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8445       "cqt:2"
8446  then AOT_obtain b where b_prop:
8447    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8448    using "∃E"[rotated] by blast
8449  AOT_have a  b
8450    apply (rule "≡dfI"[OF "=-infix"])
8451    using a_enc b_prop[THEN "&E"(2)]
8452    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8453          "raa-cor:3" "reductio-aa:1" by fast
8454  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8455    using b_prop "&E" a_prop "&I" by meson
8456  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8457  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8458qed
8459
8460AOT_theorem "aclassical:3":
8461  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8462proof(rule GEN)
8463  fix R
8464  AOT_obtain a where a_prop:
8465    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8466    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8467  AOT_have z [R]a] by "cqt:2[lambda]"
8468  (* TODO: S should no longer be necessary *)
8469  then AOT_obtain S where S_def: S = z [R]a]
8470    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
8471  AOT_have a_enc: a[S]
8472  proof (rule "raa-cor:1")
8473    AOT_assume 0: ¬a[S]
8474    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
8475      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
8476                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8477                THEN "≡E"(1), rotated]) 
8478    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
8479      using "cqt-further:4" "vdash-properties:10" by blast
8480    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
8481    AOT_hence (A!a & S = z [R]a])  a[S]
8482      by (metis "&I" "deduction-theorem" "raa-cor:3")
8483    moreover AOT_have S = z [R]a] using S_def .
8484    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8485    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8486  qed
8487  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
8488    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
8489  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
8490    using "∃E"[rotated] by blast
8491  AOT_have 1: a  b
8492    apply (rule "≡dfI"[OF "=-infix"])
8493    using a_enc b_prop[THEN "&E"(2)]
8494    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8495          "raa-cor:3" "reductio-aa:1" by fast
8496  AOT_have a:  [R]a] = ([R]a)
8497    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8498    by (meson "log-prop-prop:2")
8499  AOT_have b:  [R]b] = ([R]b)
8500    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8501    by (meson "log-prop-prop:2")
8502  AOT_have  [R]a] =  [R]b]
8503    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8504    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8505    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8506     apply (rule "rule=E"[rotated, OF S_def])
8507    using b_prop "&E" apply blast
8508    apply (safe intro!: "&I")
8509    by (simp add: "log-prop-prop:2")+
8510  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8511    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8512          "&I" by auto
8513  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8514  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8515qed
8516
8517AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8518proof -
8519  AOT_have x y ([A!]x & [A!]y & x  y &
8520               z xy F ([F]x  [F]y)]zx] =
8521               z xy F ([F]x  [F]y)]zy])
8522    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8523       "cqt:2"
8524  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8525               z xy F ([F]x  [F]y)]zx] =
8526               z xy F ([F]x  [F]y)]zy])
8527    using "∃E"[rotated] by blast
8528  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8529               z xy F ([F]x  [F]y)]zx] =
8530               z xy F ([F]x  [F]y)]zy])
8531    using "∃E"[rotated] by blast
8532  AOT_have z xy F ([F]x  [F]y)]zx]x
8533    by (auto intro!: "β←C"(1) "cqt:2";
8534        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8535                  "oth-class-taut:3:a" "universal-cor")
8536  AOT_hence z xy F ([F]x  [F]y)]zy]x
8537    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8538  AOT_hence xy F ([F]x  [F]y)]xy
8539    by (rule "β→C"(1))
8540  AOT_hence F ([F]x  [F]y)
8541    using "β→C"(1) old.prod.case by fast
8542  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8543    using 0 "&E" "&I" by blast
8544  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8545  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8546qed
8547
8548AOT_theorem "kirchner-thm:1":
8549  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8550proof(rule "≡I"; rule "→I")
8551  AOT_assume x φ{x}]
8552  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8553  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8554  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8555    AOT_modally_strict {
8556      fix x y
8557      AOT_assume 0: x φ{x}]
8558      moreover AOT_assume F([F]x  [F]y)
8559      ultimately AOT_have x φ{x}]x  x φ{x}]y
8560        using "∀E" by blast
8561      AOT_thus (φ{x}  φ{y})
8562        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8563    }
8564  qed
8565  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8566    using "→E" by blast
8567next
8568  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8569            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8570  proof(rule "RM:1"; rule "→I"; rule GEN)
8571    AOT_modally_strict {
8572      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8573      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8574        using "∀E"(2) "→E" that by blast
8575      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8576      proof (rule "raa-cor:1")
8577        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8578        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8579                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8580          using "≡E"(1) "oth-class-taut:4:h" by blast
8581        moreover {
8582          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8583          AOT_obtain a where F([F]a  [F]y) & φ{a}
8584            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8585          AOT_hence φ{y}
8586            using indisc[THEN "≡E"(1)] "&E" by blast
8587          AOT_hence p & ¬p for p
8588            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8589        }
8590        moreover {
8591          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8592          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8593            using "&E"(1) "cqt-further:4" "→E" by blast
8594          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8595            using "∀E" by blast
8596          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8597            using "≡E"(1) "oth-class-taut:5:c" by blast
8598          moreover AOT_have F([F]y  [F]y)
8599            by (simp add: "oth-class-taut:3:a" "universal-cor")
8600          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8601          AOT_hence p & ¬p for p
8602            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8603        }
8604        ultimately AOT_show p & ¬p for p
8605          using "∨E"(3) "raa-cor:1" by blast
8606      qed
8607    }
8608  qed
8609  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8610  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8611    using "→E" by blast
8612  AOT_thus x φ{x}]
8613    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8614qed
8615
8616AOT_theorem "kirchner-thm:2":
8617  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8618    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8619proof(rule "≡I"; rule "→I")
8620  AOT_assume x1...xn φ{x1...xn}]
8621  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8622  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8623    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8624  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8625    AOT_modally_strict {
8626      fix x1xn y1yn :: 'a AOT_var›
8627      AOT_assume 0: x1...xn φ{x1...xn}]
8628      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8629      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8630                           x1...xn φ{x1...xn}]y1...yn
8631        using "∀E" by blast
8632      AOT_thus (φ{x1...xn}  φ{y1...yn})
8633        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8634    }
8635  qed
8636  ultimately AOT_show x1...∀xny1...∀yn(
8637    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8638  )
8639    using "→E" by blast
8640next
8641  AOT_have 8642    (x1...∀xny1...∀yn
8643      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8644     y1...∀yn
8645        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8646         φ{y1...yn})
8647  proof(rule "RM:1"; rule "→I"; rule GEN)
8648    AOT_modally_strict {
8649      AOT_assume x1...∀xny1...∀yn
8650        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8651      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8652        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8653        using "∀E"(2) "→E" that by blast
8654      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8655                φ{y1...yn} for y1yn
8656      proof (rule "raa-cor:1")
8657        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8658                    φ{y1...yn})
8659        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8660                    & φ{x1...xn}))
8661                    & ¬φ{y1...yn}) 
8662                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8663                   & φ{y1...yn})
8664          using "≡E"(1) "oth-class-taut:4:h" by blast
8665        moreover {
8666          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8667                         & ¬φ{y1...yn}
8668          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8669            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8670          AOT_hence φ{y1...yn}
8671            using indisc[THEN "≡E"(1)] "&E" by blast
8672          AOT_hence p & ¬p for p
8673            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8674        }
8675        moreover {
8676          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8677                         & φ{y1...yn}
8678          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8679            using "&E"(1) "cqt-further:4" "→E" by blast
8680          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8681            using "∀E" by blast
8682          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8683            using "≡E"(1) "oth-class-taut:5:c" by blast
8684          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8685            by (simp add: "oth-class-taut:3:a" "universal-cor")
8686          ultimately AOT_have ¬φ{y1...yn}
8687            by (metis "¬¬I" "∨E"(2))
8688          AOT_hence p & ¬p for p
8689            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8690        }
8691        ultimately AOT_show p & ¬p for p
8692          using "∨E"(3) "raa-cor:1" by blast
8693      qed
8694    }
8695  qed
8696  moreover AOT_assume x1...∀xny1...∀yn
8697    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8698  ultimately AOT_have y1...∀yn
8699    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8700     φ{y1...yn})
8701    using "→E" by blast
8702  AOT_thus x1...xn φ{x1...xn}]
8703    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8704qed
8705
8706AOT_theorem "kirchner-thm-cor:1":
8707  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8708proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8709  fix x y
8710  AOT_assume x φ{x}]
8711  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8712    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8713  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8714    using CBF[THEN "→E"] by blast
8715  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8716    using "∀E" by blast
8717  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8718    using CBF[THEN "→E"] by blast
8719  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8720    using "∀E" by blast
8721  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8722    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8723  moreover AOT_assume F([F]x  [F]y)
8724  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8725qed
8726
8727AOT_theorem "kirchner-thm-cor:2":
8728  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8729    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8730proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8731  fix x1xn y1yn
8732  AOT_assume x1...xn φ{x1...xn}]
8733  AOT_hence 0: x1...∀xny1...∀yn
8734    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8735    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8736  AOT_have x1...∀xny1...∀yn
8737    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8738  proof(rule GEN; rule GEN)
8739    fix x1xn y1yn
8740    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8741      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8742      using "∀E" by blast
8743  qed
8744  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8745                         (φ{x1...xn}  φ{y1...yn}))
8746    using "∀E" by blast
8747  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8748    using "∀E" by blast
8749  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8750    using "∀E" by blast
8751  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8752    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8753  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8754  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8755  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8756                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8757    using "∀E" by blast
8758  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8759    apply (rule "β←C"(1))
8760      apply "cqt:2[lambda]"
8761     apply (fact "cqt:2[const_var]"[axiom_inst])
8762    by (simp add: RN GEN "oth-class-taut:3:a")
8763  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8764    using "≡E"(2) by blast
8765  AOT_hence F ([F]x1...xn  [F]y1...yn)
8766    using "β→C"(1) by blast
8767  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8768qed
8769
8770subsection‹Propositional Properties›
8771text‹\label{PLM: 9.12}›
8772
8773AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8774  "prop-prop1": Propositional([F]) df p(F = y p])
8775
8776AOT_theorem "prop-prop2:1": p y p]
8777  by (rule GEN) "cqt:2[lambda]"
8778
8779AOT_theorem "prop-prop2:2": ν φ]
8780  by "cqt:2[lambda]"
8781
8782AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8783proof (rule "→I")
8784  AOT_assume 0: F = y p]
8785  AOT_show x([F]x  p)
8786    by (rule "rule=E"[rotated, OF 0[symmetric]];
8787        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8788      "cqt:2[lambda]"
8789qed
8790
8791AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8792proof(rule "→I")
8793  AOT_assume Propositional([F])
8794  AOT_hence p(F = y p])
8795    using "≡dfE"[OF "prop-prop1"] by blast
8796  then AOT_obtain p where F = y p]
8797    using "∃E"[rotated] by blast
8798  AOT_hence (F = y p])
8799    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8800  AOT_hence p (F = y p])
8801    using "∃I" by fast
8802  AOT_hence 0: p (F = y p])
8803    by (metis Buridan "vdash-properties:10")
8804  AOT_thus Propositional([F])
8805    using "prop-prop1"[THEN "≡Df"]
8806    by (AOT_subst Propositional([F]) p (F = y p])) auto
8807qed
8808
8809AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8810  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8811
8812AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8813proof(rule "→I")
8814  AOT_assume Propositional([Π])
8815  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8816  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8817  AOT_show Indiscriminate([Π])
8818  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8819    AOT_show Π
8820      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8821  next
8822    AOT_show (x [Π]x  x [Π]x)
8823    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8824           rule RN; rule "→I"; rule GEN)
8825      AOT_modally_strict {
8826        AOT_assume x y p]x
8827        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8828        AOT_hence 0: p by (metis "β→C"(1))
8829        AOT_show y p]x for x
8830          apply (rule "β←C"(1))
8831            apply "cqt:2[lambda]"
8832           apply (fact "cqt:2[const_var]"[axiom_inst])
8833          by (fact 0)
8834      }
8835    qed
8836  qed
8837qed
8838
8839AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8840proof (rule "→I")
8841  AOT_assume Necessary([F])
8842  AOT_hence 0: x1...∀xn [F]x1...xn
8843    using "≡dfE"[OF "contingent-properties:1"] by blast
8844  AOT_show Indiscriminate([F])
8845    by (rule "≡dfI"[OF "prop-indis"])
8846       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8847qed
8848
8849AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8850proof (rule "→I")
8851  AOT_modally_strict {
8852    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8853      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8854  }
8855  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8856    by (rule "RM:1")
8857  AOT_assume Impossible([F])
8858  AOT_hence x ¬[F]x
8859    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8860  AOT_hence 1: (x [F]x  x [F]x)
8861    using 0 "→E" by blast
8862  AOT_show Indiscriminate([F])
8863    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8864       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8865qed
8866
8867AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8868proof(rule "raa-cor:2")
8869  AOT_assume Indiscriminate([E!])
8870  AOT_hence 0: (x [E!]x  x [E!]x)
8871    using "≡dfE"[OF "prop-indis"] "&E" by blast
8872  AOT_hence x [E!]x  x [E!]x
8873    using "KBasic:13" "vdash-properties:10" by blast
8874  moreover AOT_have x [E!]x
8875    by (simp add: "thm-cont-e:3")
8876  ultimately AOT_have x [E!]x
8877    by (metis "vdash-properties:6")
8878  AOT_thus p & ¬p for p
8879    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8880qed
8881
8882AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8883proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8884       rule "raa-cor:2")
8885  AOT_assume Indiscriminate(x ¬[E!]x])
8886  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8887    using "≡dfE"[OF "prop-indis"] "&E" by blast
8888  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8889    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8890  moreover AOT_have x x ¬[E!]x]x
8891    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8892    apply (rule "beta-C-meta"[THEN "→E"])
8893     apply "cqt:2"
8894    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8895                           "o-objects-exist:5" "→E")
8896  ultimately AOT_have 1: x x ¬[E!]x]x
8897    by (metis "vdash-properties:6")
8898  AOT_hence x ¬[E!]x
8899    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8900       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8901  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8902  moreover AOT_obtain a where abs_a: O!a
8903    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8904  ultimately AOT_have ¬[E!]a using "∀E" by blast
8905  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8906  AOT_have A!a
8907    apply (rule "=dfI"(2)[OF AOT_abstract])
8908     apply "cqt:2[lambda]"
8909    apply (rule "β←C"(1))
8910      apply "cqt:2[lambda]"
8911    using "cqt:2[const_var]"[axiom_inst] apply blast
8912    by (fact 2)
8913  AOT_thus p & ¬p for p using abs_a
8914    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8915qed
8916
8917AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8918proof(rule "raa-cor:2")
8919  AOT_assume Indiscriminate(O!)
8920  AOT_hence 0: (x O!x  x O!x)
8921    using "≡dfE"[OF "prop-indis"] "&E" by blast
8922  AOT_hence x O!x  x O!x
8923    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8924  moreover AOT_have x O!x
8925    using "o-objects-exist:1" by blast
8926  ultimately AOT_have x O!x
8927    by (metis "vdash-properties:6")
8928  AOT_thus p & ¬p for p
8929    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8930qed
8931
8932AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
8933proof(rule "raa-cor:2")
8934  AOT_assume Indiscriminate(A!)
8935  AOT_hence 0: (x A!x  x A!x)
8936    using "≡dfE"[OF "prop-indis"] "&E" by blast
8937  AOT_hence x A!x  x A!x
8938    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8939  moreover AOT_have x A!x
8940    using "o-objects-exist:2" by blast
8941  ultimately AOT_have x A!x
8942    by (metis "vdash-properties:6")
8943  AOT_thus p & ¬p for p
8944    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8945qed
8946
8947AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
8948  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
8949
8950AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
8951  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
8952
8953AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
8954  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
8955
8956AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
8957  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
8958
8959AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
8960proof(rule "→I")
8961  AOT_assume p (F = y p])
8962  AOT_hence p (F = y p])
8963    by (metis "BF◇" "→E")
8964  then AOT_obtain p where (F = y p])
8965    using "∃E"[rotated] by blast
8966  AOT_hence F = y p]
8967    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
8968  AOT_thus p(F = y p]) by (rule "∃I")
8969qed
8970
8971AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
8972proof(rule "→I")
8973  AOT_assume p (F  y p])
8974  AOT_hence (F  y p]) for p
8975    using "∀E" by blast
8976  AOT_hence (F  y p]) for p
8977    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
8978  AOT_hence p (F  y p]) by (rule GEN)
8979  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
8980qed
8981
8982AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
8983proof(rule "→I")
8984  AOT_assume p (F = y p])
8985  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
8986  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
8987  AOT_hence p(F = y p]) by (rule "∃I")
8988  AOT_thus p(F = y p]) by (metis Buridan "→E")
8989qed
8990
8991AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
8992proof(rule "→I")
8993  AOT_assume p (F  y p])
8994  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
8995  AOT_hence (F  y p]) for p
8996    using "∀E" by blast
8997  AOT_hence F  y p] for p
8998    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
8999  AOT_thus p (F  y p]) by (rule GEN)
9000qed
9001
9002AOT_theorem "enc-prop-nec:1":
9003  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9004proof(rule "→I"; rule GEN; rule "→I")
9005  fix F
9006  AOT_assume F (x[F]  p(F = y p]))
9007  AOT_hence F (x[F]  p(F = y p]))
9008    using "Buridan◇" "vdash-properties:10" by blast
9009  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
9010  AOT_assume x[F]
9011  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
9012  AOT_hence p(F = y p])
9013    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
9014  AOT_thus p(F = y p])
9015    using "prop-prop-nec:1"[THEN "→E"] by blast
9016qed
9017
9018AOT_theorem "enc-prop-nec:2":
9019  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9020  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
9021  by blast
9022
9023(*<*)
9024end
9025(*>*)